Setting Up A Linux PPP Dial-In Server in 1 hour


The steps below should work (with very few modifications) on almost any Linux system.
You may have to modify them a little to suit your own particular installation. It is therefore assumed that you have some experience using Linux (in particular, you should be able to figure out which device file represents your modem). The steps below assume that the device file /dev/ttyG2_00 gives access to my internal modem. You can search for these RPM files on rpmfind.net or on the website(s) of your Linux distribution. The names may also vary a little (for example, newer versions of the files may be available).

Now let's get started.

1. Install the following either from source (Unix in general) or RPM (Linux)

NOTE: Whether you install ppp-2.4.2-b3 using rpm or source (tar.gz), you might still need to extract the source, as it seems many of the configuration files and supporting files needed by ppp do not come with the RPM file.

2. You must add a line to your /etc/inittab file for each modem you want mgetty to manage.
Example: the line below tells mgetty to monitor the serial device /dev/ttyG2_00 in runlevels 1, 2, 3, 4 and 5:

pp20:12345:respawn: /sbin/mgetty /dev/ttyG2_00

NOTE(s): 

3. In the /etc/mgetty+sendfax/login.config file, change the line:

/AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login debug
to:
/AutoPPP/ - a_ppp /usr/sbin/pppd file /etc/ppp/options.pptpd

4. You may want to uncomment the following lines in /etc/mgetty+sendfax/mgetty.config:

port-owner uucp
port-group uucp
port-mode 0664

5. Configure the /etc/ppp/options.pptpd settings (the file named in step 3) appropriately for your set-up.
The following will do for RADIUS authentication:

asyncmap 0
netmask 255.255.255.0
proxyarp
lock
crtscts
modem
-detach
proxyarp
#multilink
# noccp allows clients to browse!!!
noccp
lcp-echo-failure 30
lcp-echo-interval 5
ms-dns 10.1.0.253
ms-dns 10.1.0.253
plugin radius.so

You only need the last line above if you are using RADIUS authentication, in which case you also need to configure some extra files (the radiusclient for one).
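
Step 3 takes auth -chap +pap login off the pppd command line, and the step 5 listing does not put any of them back, so whether callers must authenticate is left to pppd's default (per pppd(8), auth is the default only if the system has a default route). The Python script below is an added example, not part of the original page: it audits an options file for an explicit authentication directive and for duplicated lines; the function names are made up for illustration and it assumes one directive per line.

```python
# Added example, not the page author's code. Function names are hypothetical.
# Assumption: one directive per line, as in the step 5 listing copied below.
REQUIRES_AUTH = {"auth", "require-pap", "+pap", "require-chap", "+chap"}
PAGE_OPTIONS = """\
asyncmap 0
netmask 255.255.255.0
proxyarp
lock
crtscts
modem
-detach
proxyarp
#multilink
# noccp allows clients to browse!!!
noccp
lcp-echo-failure 30
lcp-echo-interval 5
ms-dns 10.1.0.253
ms-dns 10.1.0.253
plugin radius.so
"""

def parse_options(text):
    """Return [(line_number, directive)], skipping blanks and # comments."""
    found = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = " ".join(raw.split("#", 1)[0].split())  # drop comment, squeeze spaces
        if line:
            found.append((number, line))
    return found

def audit(text):
    """Return (code, detail) findings for one pppd options file."""
    directives = parse_options(text)
    names = {line.split()[0] for _, line in directives}
    findings, first_seen = [], {}
    if "noauth" in names:
        findings.append(("noauth", "peer authentication is switched off"))
    elif not names & REQUIRES_AUTH:
        findings.append(("auth-not-explicit", "no auth or require-* directive"))
    for number, line in directives:
        if line in first_seen:
            findings.append(("duplicate", f"{line!r}: lines {first_seen[line]}, {number}"))
        first_seen.setdefault(line, number)  # remember the first occurrence only
    return findings

if __name__ == "__main__":
    for code, detail in audit(PAGE_OPTIONS):
        print(f"{code}: {detail}")
```

pppd also reads /etc/ppp/options, so an auth line there covers the first finding; otherwise add auth to the file from step 5.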

6. Configure your server as a radiusclient (relevant files are in the /etc/radiusclient directory).
Basically, you enter your RADIUS server's IP address and port into the radiusclient.conf file and enter the RADIUS server's IP address and secret key(s) into the servers file.

Please read the descriptions in these two files.

NOTE: please ensure that you have (at least) the following files in your /etc/radiusclient directory:

dictionary, issue, port-id-map, radiusclient.conf, servers

7. What about IP address allocation?
The config above assumes that the RADIUS server will be allocating IP addresses.
If you want the dial-in server to allocate IP addresses, then do the following:
For every modem, you need to create a file in the /etc/ppp directory called "options.device-name", where device-name is the serial device's name; e.g., for serial device /dev/ttyS4, I would have a file called options.ttyS4.
In this file I put the IP address that the server will allocate to a client that calls in on that modem.

The file format is:

server-ip-address-endpoint:allocated-client-ip-address

e.g.,

10.1.0.10:10.1.0.12

Alternatively, you may use hostnames. Let's assume that the /etc/hosts file on the server contains the line

10.1.0.10 mainserver

Then in options.ttyS4, for example, I could have the line below instead:

mainserver:10.1.0.12

This means that the server endpoint for the link is 10.1.0.10 and the client should be allocated the address 10.1.0.12.

You need one IP address for every modem.

Finally, read the man pages for all these programs :-)
By the way, the "1 hour" in the title was chosen arbitrarily :-)

NOTES: 
* Some *nix distributions have specific formats for the identification string.

12-Sept-2003 
