diff options
| author | Robert Göhler <github@ghlr.de> | 2021-07-21 20:30:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-21 20:30:15 +0200 |
| commit | d5a2b5d7b27f7d7666cff675a7048529590e8fc5 (patch) | |
| tree | b4d360044b54d9bb499526709878e17b30db74fe /docs/configuration/vpn/pptp.rst | |
| parent | f601ca43e0ca1619af7b9829a4b70fdb4ed7a195 (diff) | |
| parent | f6e5ef39a8945c39ffc73810ef428e104c3a8f4e (diff) | |
| download | vyos-documentation-d5a2b5d7b27f7d7666cff675a7048529590e8fc5.tar.gz vyos-documentation-d5a2b5d7b27f7d7666cff675a7048529590e8fc5.zip | |
Merge pull request #571 from srividya0208/vpn-pptp
Vpn pptp/l2tp
Diffstat (limited to 'docs/configuration/vpn/pptp.rst')
| -rw-r--r-- | docs/configuration/vpn/pptp.rst | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/docs/configuration/vpn/pptp.rst b/docs/configuration/vpn/pptp.rst index 72b3feb0..24ee3264 100644 --- a/docs/configuration/vpn/pptp.rst +++ b/docs/configuration/vpn/pptp.rst @@ -1,13 +1,19 @@ +:lastproofread: 2021-07-15 + .. _pptp: PPTP-Server ----------- -The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only for backwards compatibility. -PPTP has many well known security issues and you should use one of the many other new VPN implementations. +The Point-to-Point Tunneling Protocol (PPTP_) has been implemented in VyOS only +for backwards compatibility. PPTP has many well known security issues and you +should use one of the many other new VPN implementations. -As per default and if not otherwise defined, mschap-v2 is being used for authentication and mppe 128-bit (stateless) for encryption. -If no gateway-address is set within the configuration, the lowest IP out of the /24 client-ip-pool is being used. For instance, in the example below it would be 192.168.0.1. +As per default and if not otherwise defined, mschap-v2 is being used for +authentication and mppe 128-bit (stateless) for encryption. If no +gateway-address is set within the configuration, the lowest IP out of the /24 +client-ip-pool is being used. For instance, in the example below it would be +192.168.0.1. server example ^^^^^^^^^^^^^^ @@ -17,15 +23,15 @@ server example set vpn pptp remote-access authentication local-users username test password 'test' set vpn pptp remote-access authentication mode 'local' set vpn pptp remote-access client-ip-pool start '192.168.0.10' - set vpn pptp remote-access client-ip-pool stop '192.168.0.15' - set vpn pptp remote-access gateway-address '10.100.100.1' + set vpn pptp remote-access client-ip-pool stop '192.168.0.15' set vpn pptp remote-access outside-address '10.1.1.120' client example (debian 9) ^^^^^^^^^^^^^^^^^^^^^^^^^ -Install the client software via apt and execute pptpsetup to generate the configuration. +Install the client software via apt and execute pptpsetup to generate the +configuration. .. code-block:: none @@ -41,7 +47,9 @@ All tunnel sessions can be checked via: .. code-block:: none - run sh pptp-server sessions - ifname | username | calling-sid | ip | type | comp | state | uptime - --------+----------+-------------+--------------+------+------+--------+---------- - ppp0 | test | 10.1.1.99 | 192.168.0.10 | pptp | mppe | active | 00:00:58 + run show vpn remote-access + Active remote access VPN sessions: + + User Proto Iface Tunnel IP TX byte RX byte Time + ---- ----- ----- --------- ------- ------- ---- + test PPTP pptp0 192.168.0.10 288 66 00h00m07s |