SWIS Linux Instructions

Below are some guidelines on how to set up your Linux machine in order to connect to the VPN Service.

The assumption is made that anyone running Linux has the ability to follow How-tos and install packages; and will only require a minimal amount of support.

The method described on this page is tried, tested and is known to work with FC5.
The method uses the Graphical User Interface, PPTPConfig to manage the PPTP connections.

There are other ways to manage the PPTP connection, and other ways to setup the routing; though no support is offered for these methods.

These are the main stages to connecting Linux to the VPN Service.

1. Install and Setup PPTP Client
2. Setup Routing.
3. Setup Browser to use the webcache.
4. Connecting.

Stage 1: Installing & Configuring the PPTP Client.

Instructions on how to install and configure PPTP Client for a wide range of Linux distributions can be found on the PPTP Client Sourceforge mini-site.

Please follow the How-To relevant to your Distribution.

Once you have installed PPTP and PPTP Config you can run the program from the command prompt by typing 'pptpconfig&' and pressing enter.

Below are 4 screen shots showing the necessary settings to enter into the various tabs.

The Server tab...

Enter the details as shown.

Leave the Domain box blank, and enter your own Username and Password.
*The screenshot shows the VPN server hostname for the Student VPN; if you do not use the Student VPN then enter the relevant server here.

The Routing tab...

Ensure that 'All to Tunnel' is selected.

The DNS tab...

Ensure that the Automatic check box is ticked.

The Encryption tab...

Ensure that only the 'Require Microsoft Point-to-Point Encryption (MPPE)' checkbox is ticked.

Nothing needs to be set on the Miscellaneous Tab, though you may wish to use some of the options contained with in it.
Once you have entered the required details and settings on each of these tabs, click the 'Add' button to save these settings.

If you wish to change any of the settings, make your changes and use the Update button.

Stage 2: Setting up routing.

Once you have the PPTP Client and PPTP Config installed it is necessary to make changes to the routing table in order to keep the VPN connection alive, and to route traffic across the tunnel.

If you have followed the instructions above, making sure that you have selected the 'All to Tunnel' option on the 'Routing' tab, then the use of the following script as described below will set up the additional routing as you connect, and also tidy up the routes as you disconnect.

Download this script and copy it to /etc/ppp/route-add.local
Make the file executable by running this command...
chmod 700 /etc/ppp/route-add.local
Be sure to change the WIFI variable to be your wireless interface in the script.

To call this script as the VPN tunnel is created, and hence automatically add the route on connection, it is necessary to edit the /etc/ppp/ip-up file.
Add the following line above the last line (exit 0) of the /etc/ppp/ip-up file.

Similarly to delete this route as the tunnel shuts down when you disconnect, add the following line above the last line (exit 0) of the /etc/ppp/ip-down file.

There is no need to create the /etc/ppp/route-del.local file, this is created automatically by the /etc/ppp/route-add.local file when the VPN connects.

For those of you who are going their own way about setting up PPTP, the routing table should look like this in order for the VPN connection to work…

The command to show the routing table is route -n

Kernel IP routing table

eth1 is the wireless card on our machine, this may differ on your machine.

The first line is the actual IP of the server, not the VPN daemon's virtual IP. is ls-roamnode1.swan.ac.uk

The second line is the route to the VPN daemon's virtual IP, this needs to be here to allow the tunnel to exist across eth1.
*It is possible that your table may have 2 entries like this; this is not a problem.

The 3rd and 4th lines are just the original routes.
The 5th line is the route that sends all traffic down ppp0

Stage 3: Setting up your Browser to use the webcache.

In order to browse any external web pages you need to configure your browser with the web cache settings.

The most popular browser is likely to be Firefox and therefore below are the instructions on how to set up Firefox 1.5.

1. Run Firefox.
2. From the 'Edit' drop-down menu select 'Preferences'
3. In the 'Preferences' panel make sure the General icon is highlighted
4. Click the 'Connection Settings' button.
5. Tick the 'Automatic Proxy Configuration' button.
7. Choose OK and then in the 'Preferences' panel choose Cancel to finish
8. Close and restart the browser.

There are many other browsers for Linux, but all will have an option to enter cache settings.

The server address is wwwcache.swan.ac.uk
The server port number is 3128.

Stage 4: Connecting to the VPN

Run pptpconfig, type pptpconfig& at the command prompt.

Click on the 'uws-vpn' connection in the 'PPTP Client Tunnel List' window to select it, then click on the 'Start' button to initiate the connection.

To close the connection, click on the 'Stop' button.