Friday, May 14, 2010

How to connect to Windows VPN from Ubuntu without the help of GUI

In Ubuntu, the easiest way to connect to VPN is using NetworkManager. But some times it is not possible. Like in my case NetworkManager wont detect my 3G Evdo modem, so I have to use gnome-ppp to connect to internet. And because of this NetworkManager thinks that there is no active connection and it wont let me connect to VPN. So I used pon and poff scripts to control my VPN connection. These scripts are provided by ppp package which is available in every Ubuntu installation by default. Given below is how I connected to a Windows PPTP VPN server.

First thing you need is to install pptp-linux package. So do
sudo apt-get install pptp-linux
Now create a file /etc/ppp/peers/vpnfile. You can change the file name vpnfile to any name you like but keep it simple as you will need it to connect to your VPN. Now add following lines to this file:

remotename myvpn
linkname myvpn
ipparam myvpn
pty "pptp  --nolaunchpppd "
name 
usepeerdns
require-mppe
refuse-eap
noauth
defaultroute

#defaults from the pptp-linux package
file /etc/ppp/options.pptp

The first three parameters provide name of the remote system, name for the link and a value to be passed to scripts in ip-up.d and ip-down.d directories, respectively. These values dont need to be same and can be different. The scripts in ip-up.d directories are called when a connection is established and the ones in ip-down.d are called when a connection is terminated. Next parameter i.e pty specifies that the given script should be used to communicate rather than any terminal device. Rest of the parameters control different attributes of the connection i.e what protocol to use or refuse or whether to use encryption or not and etc. The last parameter i.e defaultroute adds a default route to system routing table when this connection is established. This means that when this connection is active, by default all traffic is routed on this connection. If you dont need this behaviour, remove it and add scripts to ip-up.d and ip-down.d to add only your required routes.
More detailed explanation of these parameters can be found in manual entry for pppd i.e man pppd.

You will also need to add a line to file /etc/ppp/chap-secrets with username and password for this connection.

username connection-name password *


Connection name in this line must be same as remotename, which we have set to myvpn. 
Now to connect to vpn, issue command 
sudo pon vpnfile
and you are all set, connected to your vpn. To disconnect from the vpn, issue command
sudo poff vpnfile