Author Topic: PPTP VPN - iPhone VPN access  (Read 18842 times)

jimbodude

  • Guru
  • ****
  • Posts: 372
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #15 on: August 28, 2009, 03:37:28 pm »
I'm very interested in this.  I could test it as early as this weekend, definitely before Wednesday.  Provide the changes, make a wiki page about it.  If you need some web space to share anything out, I can provide that for you via PM.

Looks like very nice work so far.

donpaul

  • Guru
  • ****
  • Posts: 300
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #16 on: August 28, 2009, 05:00:12 pm »
I am making good progress. I made changes to a few php files and created a new one. I am testing everything now, but it's looking good so far.
« Last Edit: August 30, 2009, 04:38:49 am by donpaul »

dlewis

  • Guru
  • ****
  • Posts: 401
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #17 on: August 28, 2009, 05:03:56 pm »
thanks donpaul.

donpaul

  • Guru
  • ****
  • Posts: 300
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #18 on: August 28, 2009, 06:28:41 pm »
Is there a way to open a firewall port to the core through php or a script? That is the only automated piece I am trying to figure out.

dlewis

  • Guru
  • ****
  • Posts: 401
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #19 on: August 28, 2009, 06:37:33 pm »
check out the firewall rules php site.

donpaul

  • Guru
  • ****
  • Posts: 300
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #20 on: August 28, 2009, 10:12:13 pm »
That's exactly what I eventually did. I'm all done, works like a charm. I have made patch files.

http://donpaul.info/PPTP_Patch.tar.gz

untar to /var/www/pluto-admin

For those that need it:
Code: [Select]
cd /var/www/pluto-admin ; wget http://donpaul.info/PPTP_Patch.tar.gz ; gunzip PPTP_Patch.tar.gz ; tar -xvf PPTP_Patch.tar
You'll also need the new script

http://donpaul.info/Setup_PPTP.sh.gz

For those that need it:
Code: [Select]
cd /usr/pluto/bin ; wget http://donpaul.info/Setup_PPTP.sh.gz ; gunzip Setup_PPTP.sh.gz
This is tested on 7.10, and it works for me. Let me know if there are any problems.

jimbodude

  • Guru
  • ****
  • Posts: 372
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #21 on: September 01, 2009, 05:23:27 am »
I applied this patch to 0810.  It runs fine.  I haven't tested the functionality of the VPN yet - the client is giving me trouble.  I'll try to get back to it tomorrow.

I've attached the svn diff for the web admin changes.  Drop the sh into /usr/pluto/bin and apply this patch to /var/www/lmce-admin

Some comments:
- The process for the initial set up of PPTP and adding users is ridiculously easy - good work.
- Instructions on setting up the iPhone are vague at best.  A link to a wiki page which describes multiple clients would be better
- The process to delete PPTP users is less than ideal.  Is there a way to detect what users are PPTP users and add a "remove PPTP access" link on the Users page? Or at least a "Delete" button instead of having to type "delete" as a password...
- I didn't look too deeply into the inner workings.  I'm assuming there's no encryption - is that true?

donpaul

  • Guru
  • ****
  • Posts: 300
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #22 on: September 04, 2009, 04:28:18 pm »
I tried to figure out a way to add a delete button or link, but I could not get it working. I can add a delete to the script easily, but can't figure out the php part. Still working on it and will update the patch if I get it working.

The iPhone instructions can be removed if it isn't helpful, but the iPhone is very easy to configure and works great. I am working on a wiki page.

PPTP is an encrypted tunnel.

I applied this patch to 0810.  It runs fine.  I haven't tested the functionality of the VPN yet - the client is giving me trouble.  I'll try to get back to it tomorrow.

I've attached the svn diff for the web admin changes.  Drop the sh into /usr/pluto/bin and apply this patch to /var/www/lmce-admin

Some comments:
- The process for the initial set up of PPTP and adding users is ridiculously easy - good work.
- Instructions on setting up the iPhone are vague at best.  A link to a wiki page which describes multiple clients would be better
- The process to delete PPTP users is less than ideal.  Is there a way to detect what users are PPTP users and add a "remove PPTP access" link on the Users page? Or at least a "Delete" button instead of having to type "delete" as a password...
- I didn't look too deeply into the inner workings.  I'm assuming there's no encryption - is that true?

jimbodude

  • Guru
  • ****
  • Posts: 372
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #23 on: September 04, 2009, 05:01:23 pm »
You should be able to just mirror what you're already doing.  Add a button for "delete" in your form, when you're processing the data from the forum in the PHP script, check the value of the submit, if its "delete" then ignore everything else and run the delete script.

I wouldn't say the iPhone instructions aren't helpful, just maybe a bit misleading since its the only device listed, and maybe a bit sparse since there could be screenshots of the iPhone and more PPTP devices could also be interesting.  Also, the configuration process might change in a future iPhone version - never know.  Just a link to a wiki page would do it - move the iPhone instructions there.  Then everyone gets the most up to date information all the time.

Sorry, I guess I'm not up on the PPTP spec...  Thanks for the correction.

donpaul

  • Guru
  • ****
  • Posts: 300
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #24 on: December 06, 2009, 04:11:00 am »
I made changes to the VPN config/scripts, and I have verified that it works in 8.10b2. Drop the script in /usr/pluto/bin and apply the patches.

dlewis

  • Guru
  • ****
  • Posts: 401
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #25 on: December 06, 2009, 07:06:53 pm »
Could you re-open the ticket and add it to the beta2 site to be put into the next build? Thanks!

rages

  • Guru
  • ****
  • Posts: 182
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #26 on: December 08, 2009, 01:53:25 pm »
Hello,

this project could also be used by this VNC client for Android in your opinion?
http://code.google.com/p/android-vnc-viewer/wiki/Documentation



Emanuele

donpaul

  • Guru
  • ****
  • Posts: 300
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #27 on: December 08, 2009, 04:30:08 pm »
VNC and VPN are completely separate products.

rages

  • Guru
  • ****
  • Posts: 182
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #28 on: December 09, 2009, 08:39:08 am »
Sorry for my stupid question  :P


Emanuele

pw44

  • Addicted
  • *
  • Posts: 666
    • View Profile
Re: PPTP VPN - iPhone VPN access
« Reply #29 on: March 26, 2010, 09:28:03 pm »
Hi donpaul,

Don't forget that for using from the external interface, you will also need the following rules, so protocol 47 (GRE) can be passed.

iptables -A INPUT -p 47 -j ACCEPT
iptables -A OUTPUT -p 47 -j ACCEPT


TIA,

Paulo

« Last Edit: April 09, 2010, 03:52:54 pm by pw44 »