Pptpd Setup for Eveonline: Difference between revisions

From Federal Burro of Information
No edit summary
No edit summary
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
vpn for fun and profit


pptp server:
pptp server:
AWS linux box.
* AWS linux box.
ubuntu 18
* ubuntu 18
* t2.micro ( 10$ / month - but I destroy it when I'm not useing it. )
* terraform to automate the up / down / config of the AWS resources, including a DNS record
 
client:
* windows 10
 
[[image:corp_diagram.png]]


user-data:
user-data:
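Review bot: the new terraform bullet says it brings the AWS resources up and down but not which inbound rules it opens. PPTP needs TCP 1723 plus GRE (IP protocol 47), so list those here and say whether the source is limited to the client's address or left open to the internet.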
Line 8: Line 16:
<pre>
<pre>
#!/bin/bash
#!/bin/bash
# inspiration
# ref https://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
# ref https://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/


Line 61: Line 70:
IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)


# /sbin/iptables -t nat -A POSTROUTING -s 10.10.23.0/24 -j SNAT --to-source ${IP}
# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to ${IP}
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# /sbin/iptables -t nat -A FORWARD -s 0.0.0.0/0 -j ACCEPT
</pre>
</pre>
* I chose 10.10.23.0/24 arbitrarily, you can choose what ever cidr you want.
* I added debug to pptpd config and pppd config for make great log files.
* +mschap-v2 is non default and required for windows 10.
* change user and password in chap-secrets to something secure.


Setup the pptp connection on the windows server:
Setup the pptp connection on the windows server:
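Review bot: with the commented SNAT lines gone from the new revision, nothing in this hunk reads ${IP} any more, so the IP=$(...) assignment at the top is dead and can be dropped. The remaining MASQUERADE rule has no source match, unlike the removed "-s 10.10.23.0/24" variant; adding that match would keep NAT limited to the VPN pool. The new chap-secrets bullet would also be more useful if it said what "something secure" means here, for example a long random secret.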
Line 71: Line 82:
[[image:pptp-connection.png]]
[[image:pptp-connection.png]]


Note that setting "nodefaultroute" in the pppd options file has no effect as the windows client controls this. Change the settings on the connection adpater's properties:
Note that setting "nodefaultroute" in the pppd options file has no effect as the windows client controls this. Change the settings on the connection adpater's properties. uncheck "Use default gateway on remote network"


[[image:windows_10_use_default_gateway.png]]
[[image:windows_10_use_default_gateway.png]]


one the link is up add a route to eve manually. run a cmd prompt as admin and do this:
once the link is up add a route to eve manually. run cmd as admin and do this:


  netstat -rn
  netstat -rn


and look for the interface id of you pptp connection, than added to the route add command here:
Look for the interface id of you ppp connection, then use the route add command here:


  route add 87.237.34.200 mask 255.255.255.255 0.0.0.0 IF XX
  route add 87.237.34.200 mask 255.255.255.255 0.0.0.0 IF XX


87.237.34.200 tranquility.servers.eveonline.com
87.237.34.200 tranquility.servers.eveonline.com
[[Category:eve-online]]
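Review bot: the route in this hunk is pinned to 87.237.34.200, which the last line ties to tranquility.servers.eveonline.com; tell the reader to resolve that name before running "route add", because the route stops covering the game server if the address changes. The reworded sentences also still carry "adpater's" and "interface id of you ppp connection", and the "IF XX" placeholder could say explicitly that XX is the number from the netstat interface list.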

Latest revision as of 05:45, 3 February 2020

vpn for fun and profit

pptp server:

  • AWS linux box.
  • ubuntu 18
  • t2.micro ( 10$ / month - but I destroy it when I'm not using it. )
  • terraform to automate the up / down / config of the AWS resources, including a DNS record

client:

  • windows 10

user-data:

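<pre>
#!/bin/bash
# inspiration
# ref https://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/

# refresh the package lists first; a freshly booted instance may have stale ones
apt-get update
apt-get -y install pptpd

# server-side tunnel address and the address pool handed out to clients
cat << EOA > /etc/pptpd.conf
localip 10.10.23.1
remoteip 10.10.23.120-140
debug
EOA

# pppd options used for pptpd sessions
cat << EOF > /etc/ppp/pptpd-options
ms-dns 10.10.23.1
nobsdcomp
noipx
mtu 1490
mru 1490
debug
EOF

# placeholder credentials, replace before use (format: client server secret IP)
cat << EOD > /etc/ppp/chap-secrets
user   *   password   *
EOD

# appended to the global pppd options
cat << CATS >> /etc/ppp/options
asyncmap 0
auth
crtscts
debug
dump
lock
hide-password
modem
lcp-echo-interval 30
lcp-echo-failure 4
noipx
+mschap-v2
nodefaultroute
CATS

/bin/systemctl restart pptpd.service

# enable IPv4 forwarding so tunnel traffic can be routed out of eth0
cat << EOH > /etc/sysctl.d/10-forwarding.conf
net.ipv4.ip_forward=1
EOH

# a bare "sysctl -p" only reads /etc/sysctl.conf, so name the new file
sysctl -p /etc/sysctl.d/10-forwarding.conf

# send debug-level messages (pptpd and pppd) to their own log file
echo "*.debug                         -/var/log/debug.log" >>  /etc/rsyslog.d/50-default.conf

/bin/systemctl restart rsyslog.service

# address of eth0; the MASQUERADE rule below does not need it
IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)

# NAT everything leaving eth0 behind the instance's own address
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
</pre>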
  • I chose 10.10.23.0/24 arbitrarily, you can choose whatever CIDR you want.
  • I added debug to pptpd config and pppd config to make great log files.
  • +mschap-v2 is non-default and required for Windows 10.
  • Change user and password in chap-secrets to something secure.
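
The last bullet can be enforced in the user-data script itself. The following is an added example, not part of the original page: it rejects chap-secrets entries that still use a placeholder or a short secret, and generates a random replacement line. The function names, the 20-character minimum and the placeholder words are assumptions.

```bash
#!/bin/bash
# Added example: audit a pppd chap-secrets file before pptpd is (re)started.
# Line format: client  server  secret  IP-addresses
# MIN_LEN and the placeholder words are assumptions chosen for this example.
MIN_LEN=20

# Prints one finding per weak entry; returns 0 only when every entry passes.
audit_chap_secrets() {
    local file="$1" bad=0 client server secret rest
    while read -r client server secret rest || [ -n "$client" ]; do
        [ -z "$client" ] && continue              # blank line
        case $client in \#*) continue ;; esac     # comment
        secret=${secret#\"}; secret=${secret%\"}  # drop optional quotes
        case $secret in
            ""|password|changeme|"$client")
                echo "WEAK: '$client' uses a placeholder secret"; bad=1 ;;
            *)
                if [ "${#secret}" -lt "$MIN_LEN" ]; then
                    echo "WEAK: '$client' secret shorter than $MIN_LEN chars"
                    bad=1
                fi ;;
        esac
    done < "$file"
    return "$bad"
}

# Emit a chap-secrets line for one user with a random 32-character secret.
new_chap_entry() {
    local user="$1" secret
    secret=$(head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 32)
    printf '%s * %s *\n' "$user" "$secret"
}

# Constructed sample: the placeholder line from the user-data script.
sample=$(mktemp)
printf 'user   *   password   *\n' > "$sample"
audit_chap_secrets "$sample" || echo "refusing to start pptpd"
new_chap_entry eve > "$sample"
audit_chap_secrets "$sample" && echo "chap-secrets ok"
rm -f "$sample"
```

In the user-data script the audit would sit just before the pptpd restart, with a non-zero return aborting the run.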

Set up the pptp connection on the windows server:

Note that setting "nodefaultroute" in the pppd options file has no effect, as the Windows client controls this. Change the setting in the connection adapter's properties: uncheck "Use default gateway on remote network".

Once the link is up, add a route to eve manually. Run cmd as admin and do this:

  netstat -rn

Look for the interface id of your ppp connection, then use the route add command here:

  route add 87.237.34.200 mask 255.255.255.255 0.0.0.0 IF XX

87.237.34.200 tranquility.servers.eveonline.com