Blog
-- Thoughts on data analysis, software
development and innovation management. Comments are welcome
Post 5
Getting my VPN to work, at length
05-Dec-2008
Getting a Virtual Private Network (VPN) to work under GNU/Linux can be a pain. I have had, like many other people, a lot of trouble setting it up right. Some time ago I made my attempts; I eventually managed to establish the connection, but the traffic wouldn't route successfully.
A day ago Dr. Vilella told me he already had a VPN working with the Ubuntu network-manager-pptp. He had even set it up in Fedora with pptpconfig.
With the evidence that a GNU/Linux VPN was indeed possible, I put my hands to work until I got to understand it and succeeded in establishing the tunnel.
The protocol, PPTP, a piece of Emmental cheese. The OS, Debian, the anvil of stable GNU/Linux distros. The manual, an article from nixCraft called "Linux configure point to point tunneling PPTP VPN client for Microsoft PPTP vpn server".
After following the instructions of the article, my VPN did come up and the P-t-P private address did appear in the kernel routing table, but the default gateway didn't change, so I was unable to send traffic through the VPN. Trying to set it manually was useless because once the original default gateway was removed, the connection was lost.
In order to avoid that problem, the following steps led me to success:
- Add a static host-route to the VPN server with the original default GW:
    route add -host vpn_server_address gw original_default_GW dev eth#
- Launch the pppd client:
    pppd call vpn_tunnel_connection_name
- Delete the original default GW:
    route del default
- Add the P-t-P private address assigned by the VPN server as the new default GW:
    route add default gw ptp_address
By following these instructions, when the original default gateway is
removed, the connection with the VPN server is not lost because of the
static host-route.
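The four steps above as a dry-run planner, an added example that is not part of the original post: it reads `route -n` style output and prints the commands in order, leaving the default route alone until the P-t-P address is visible. The routing tables, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: dry-run planner for the four routing steps above.
# It only prints the commands; nothing is changed on the system.

# Constructed `route -n` output before the tunnel is up.
BEFORE='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0'

# Constructed `route -n` output after `pppd call ...` has connected.
AFTER="$BEFORE
10.8.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 ppp0"

# Print "gateway iface" of the current default route.
orig_default() {
    printf '%s\n' "$1" | awk '$1 == "0.0.0.0" && $4 ~ /G/ { print $2, $8; exit }'
}

# Print the P-t-P peer address: the host route (flag H) on a ppp interface.
ptp_peer() {
    printf '%s\n' "$1" | awk '$4 ~ /H/ && $8 ~ /^ppp/ { print $1; exit }'
}

# Steps 1-2: pin the VPN server to the original gateway, then start pppd.
plan_pre() {   # args: vpn_server tunnel_name routing_table
    set -- "$1" "$2" $(orig_default "$3")
    [ $# -eq 4 ] || { echo "no default route found" >&2; return 1; }
    echo "route add -host $1 gw $3 dev $4"
    echo "pppd call $2"
}

# Steps 3-4: only swap the default route once the peer address is visible.
plan_post() {  # args: routing_table
    peer=$(ptp_peer "$1")
    [ -n "$peer" ] || { echo "tunnel not up, default route left alone" >&2; return 1; }
    echo "route del default"
    echo "route add default gw $peer"
}

plan_pre 203.0.113.10 vpn_tunnel_connection_name "$BEFORE"
plan_post "$AFTER"
```

Once the default route points at the P-t-P address, all traffic except the pinned host-route to the VPN server leaves through the tunnel.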
Now, with a functional GNU/Linux VPN to the university, I can keep on with my development and research tasks as if I were physically in my everyday workplace. VNC and rdesktop clients to an MSWindows box for a VPN tunnel are history.