Gpptp enhancements for doing PIA VPN - [ New version ]

[jafadmin]

Thank you very much for all your efforts with testing. This is very valuable and posting it here creates a record for future reference. I realize you just want to get on with enjoying puppy and wish you the best.

Hopefully, if this issue comes up with other users we can refer back to your issue and use it as breadcrumbs for finding the cause/solution in the future.

I have found 5.7.1 retro to be very robust. I am putting my dev efforts behind it.

Warmest regards,

jafa

[pelican]

jafa, I'm the one who needs to thank you for producing Gpptp v2.0 and for your guidance on setting it up. I need PPTP VPN. As a newcomer to puppy I would have probably tried slacko; spent hours trying to get pptp working; when it didn't work then given up on puppy and moved on to try pptp on another linux distro.

As it is, I'm very happy with Precise 571 retro and Gpptp v2.0 on all four of my family's XP laptops/netbooks whether non-PAE or PAE.

Later on, I may try setting up openvpn but as I only prefer that level of encryption infrequently then I'm not concerned whether openvpn works or not in puppy. I can wait until I have access to a win 7 or 8 PC to use it.

Thanks again,
ken

[TheYoungOne]

hey jafadmin

i followed your instructions and i'm using precise 5.7.1. i am also using PIA.
but i get this error when i try to connect

Connecting to VPN server...
pptp process (7946) exited with 0
ppp process was NOT created!

am i doing something wrong ?
i couldn't figure it out for myself

the numbers change too. the ones in brackets and the 'exited with' number. when i try to connect again.

thanks
theyoungone

[jafadmin]

@TheYoungOne,

Assuming you are properly connected to the internet before starting Gpptp, it usually means there is something amiss with the server/username/password login information.

doublecheck the login info, and type it in manually if necessary or copy/paste it. If it works that way you may need to fix the vpn_servers or vpn_userids files, or redo the mk-vpn-key cache.

Let us know if that fixes it.

[TheYoungOne]

I have an ipod touch 4g which can use VPN's. It works on this. So my login details/server are good. PIA give two different login details depending on the protocol. Neither work.

I still get the same error code.

sorry for the late reply.

[jafadmin]

We're going to need some specific information to solve this.

1) Makes sure your puppy 5.7.1 can browse the web, then run the "ifconfig" command in a console and post the output here.

2) make a screenshot of Gpptp V2.0 right before pressing the "Connect" button and post that here as well.

Thanks

[jafadmin]

Here is a useful utility I use to manually check on whether the VPN tunnel is up or not. I mapped Ctrl+Alt+V keypress to the script.

vpn-check

Code: Select all

#!/bin/sh
if [  -e  "/var/run/ppp0.pid"  ]  
then
	gxmessage -bg green -center -timeout 3 " VPN is up! " 
else 
	gxmessage -bg red -center -timeout 3 " VPN is down! " 
fi

[rerwin]

With Lucid running; switch router off/on and reconnect to vpn.
VPN worked OK as follows ........

# ping google.com
PING google.com (173.194.127.230): 56 data bytes
64 bytes from 173.194.127.230: seq=0 ttl=55 time=18.958 ms
64 bytes from 173.194.127.230: seq=1 ttl=55 time=19.440 ms
64 bytes from 173.194.127.230: seq=2 ttl=55 time=245.509 ms
64 bytes from 173.194.127.230: seq=3 ttl=55 time=148.254 ms
64 bytes from 173.194.127.230: seq=4 ttl=55 time=18.106 ms
# cat /etc/resolv.conf
# Generated by dhcpcd from ra0
# /etc/resolv.conf.head can replace this line
nameserver 192.168.1.1
# /etc/resolv.conf.tail can replace this line

I infer from his previous postings that he was running Lucid pup 5.2.8.6, the 20140321 version. I think I can explain what he is encountering.

Both the Network Wizard and Frisbee allow the user to specify static IP and DNS addresses for ethernet and wifi connections. However, in all puppies but that version of lupu the /etc/ppp/options file includes "usepeerdns" which causes any static DNS address to be overwritten in resolv.conf by the peer-provided address, thereby crippling the support for static IP DNS names. The other PPP applicatons -- wvdial, pgprs, pppoe -- set that option in their own ways, not relying on the "options" usepeerdns entry.

In lupu 5.2.8.6-20140321 I commented out the entry in the "options" file, to activate support for static DNS addresses. It appears that initially gpptp did not cause the ethernet DNS address to be replaced by the peer address necessary for the pptp connection. On the reboot, the received address was apparently used, although I don't know how that is done.

To be consistent with other PPP applications and ensure that usepeerdns is always in effect for gpptp, I recommend that you include a "usepeerdns" line in options.pptp, to protect gpptp from cases where users comment out or remove that line from /etc/ppp/options. Since the template for the options file does not mention "usepeerdns", I consider it to have been a mistake to place it in that file, at all. At some point, I hope (when I can get around to submitting my set of lupu fixes to woof-CE) to advocate for its removal from "options" in the official (woof-built) puppies, to fix that bug. I made that change to options.pptp in 5.2.8.6-20140321, so hope you will do so, too, in your official version so that users will not see a regression if they install it into lupu and, possibly, eventually some other puppies.

Thanks for considering this.
Richard

[jafadmin]

Hi Richard,

The "/etc/ppp/options" file is not used by pptp, and is not part of the Gpptp install.

usepeerdns is set to true by default in the puppy compiles.

Gpptp handles the resolve.conf (DNS) issue by caching the original "/etc/resolv.conf" file upon a pptp connection, and then restoring it once the pptp session is closed.

In the case of the 1918s route setting, the "/etc/ppp/gpptp/1918s.route" script will append the contents of the original resolve.conf to the new one in case the "Company" VPN server only resolves internal addresses.

jafa

[BarryK]

jafadmin,
just to let you know, I have updated to your latest:

http://bkhome.org/news/?viewDetailed=00104

Thanks for sending me the source.

[rerwin]

jafa,
Thanks for the info. If "usepeerdns is set to true by default in the puppy compiles", then the 'usepeerdns' in 'options' is not needed, so can be deleted from there. Right? Then I am out of ideas for pelican's problem with lupu 5.2.8.6.

However, I also suspected that my modified if-up file, that tests for pptp running, before changing resolv.conf, might be the culprit. But I see that gpptp does not use it, just saves and restores it so as to use its own versions of if-up. So, my if-up does not appear to be a factor.

I found, though, a possible hazard. If there is no prior if-up file present, gpptp's if-up then remains as the existing if-up. That could seemingly impact other ppp applications that do not expect one to be there. Maybe all applications do as gpptp does and always create their own if-up file. I guess I will assume that and not worry about if-up files in lupu.

Bottom line: I will only remove (EDIT: comment out) usepeerdns from /etc/ppp/options, so that static IP and DNS addresses will work. I have no way to test this, so rely on users for feedback with lupu. Could you try removing it in a test in any puppy, to verify that no harm to gpptp is done without it?

I am pleased to see Barry's endorsement of gpptp v2. Congratulations.
Richard

[jafadmin]

jafadmin,
just to let you know, I have updated to your latest:

http://bkhome.org/news/?viewDetailed=00104

Thanks for sending me the source.

So good to hear from you, friend. I hope all is well. We have all missed you.

[jafadmin]

Bottom line: I will only remove usepeerdns from /etc/ppp/options, so that static IP and DNS addresses will work. I have no way to test this, so rely on users for feedback with lupu. Could you try removing it in a test in any puppy, to verify that no harm to gpptp is done without it?

Yes, Richard, I have tested this. In fact, I renamed "options", "options.ORIGINAL" and it tested fine.

Since I'm not sure which apps use the "options" file, it might be prudent to just comment out that line, but leave it as a breadcrumb if someone needs to do some testing?

The native "ip-up" file is just a copy of the "ip-up-EXAMPLE" file.

[Edit]

Also, the "ip-up" file in /etc/ppp gets archived, replaced, then restored to original when the pptp session is concluded.

[TJK]

This is the most recent thread that I could find on setting up PIA in puppy... and I've used the tutorial in msg#1 to try and get PIA working. I first tried installing Gpptp v2 on TahrPup32, but could not get it working. Since it had a lot of additional packages I tried installing by starting TP in RAM, but it still didn't work. Now I've installed lucid puppy 5.2 on a different machine, but still cannot get it working. (I had 5.2.8 working with the old version of Gpptp until recently.)

The details are: that I can start/run Gpptp and it states that a "VPN ppp0 - (pid xxxx) created. But when I test the connection the changes have not been made. Another check shows that "ip addr" is the same when Gpptp is connected or not.

[jafadmin]

Hi TJK,

I just saw this. I'll download Tahr 6.0.5 and try it. I'll get back to you as soon as I have an answer.

[jafadmin]

ok, I downloaded and ran an iso for Tahr 6.0.4. It had Gpptp v2.0 already installed, but it wouldn't work right. Here is what I did:

With Geany, open /etc/ppp/options.pptp, and un-comment line 43 (require-mppe-128)

Save and close. Try the connection again.

There is a short readme.odt in /etc/ppp/gpptp that has some info on saving id's and passwords, etc ...

If this didn't help, let us know

[TJK]

Sorry, it took so long to respond. (I've been busy) I wanted to test in many scenarios -- I tried on two different comps with TahrPup frugal install and one TahrPup with pfix=ram. But still does not work. I thought it might have been a network/router issue, but then I was able to get PIA/Gpptp working on one of my comps with Puppy 5.2.8.

ok, I downloaded and ran an iso for Tahr 6.0.4. It had Gpptp v2.0 already installed, but it wouldn't work right. Here is what I did:

With Geany, open /etc/ppp/options.pptp, and un-comment line 43 (require-mppe-128)

Save and close. Try the connection again.

There is a short readme.odt in /etc/ppp/gpptp that has some info on saving id's and passwords, etc ...

If this didn't help, let us know

[jafadmin]

Sorry, it took so long to respond. (I've been busy) I wanted to test in many scenarios -- I tried on two different comps with TahrPup frugal install and one TahrPup with pfix=ram. But still does not work. I thought it might have been a network/router issue, but then I was able to get PIA/Gpptp working on one of my comps with Puppy 5.2.8.

Let me know exactly which puppy tahr version you are using and I will download the ISO and test it.

[TJK]

I've been testing on both tahr-6.0.5_PAE.iso, and tahr-6.0.5_PAE.iso, found at: http://distro.ibiblio.org/puppylinux/pu ... 20-6.0-CE/

Sorry, it took so long to respond. (I've been busy) I wanted to test in many scenarios -- I tried on two different comps with TahrPup frugal install and one TahrPup with pfix=ram. But still does not work. I thought it might have been a network/router issue, but then I was able to get PIA/Gpptp working on one of my comps with Puppy 5.2.8.

Let me know exactly which puppy tahr version you are using and I will download the ISO and test it.

[jafadmin]

I've been testing on both tahr-6.0.5_PAE.iso, and tahr-6.0.5_PAE.iso, found at: http://distro.ibiblio.org/puppylinux/pu ... 20-6.0-CE/

Sorry, it took so long to respond. (I've been busy) I wanted to test in many scenarios -- I tried on two different comps with TahrPup frugal install and one TahrPup with pfix=ram. But still does not work. I thought it might have been a network/router issue, but then I was able to get PIA/Gpptp working on one of my comps with Puppy 5.2.8.

Let me know exactly which puppy tahr version you are using and I will download the ISO and test it.

I downloaded that ISO and booted it with no problem. I set up networking with no problem. Tested browser with no problem (I was able to get to this forum).

I edited "/etc/ppp/options.pptp" and un-commented line 43 and saved.

I started Gpptp and put in the PIA Seattle server name, my ID and password, and pressed "Connect", and it connected with no problem.

I checked my public IP address using "myip" which showed a legitimate routable IP address, and checked with the "ifconfig" command to make sure it showed a "ppp0" device.

I then started the browser and returned to this forum.

Everything worked as it should out of the box with the exception of editing the options.pptp file.

If you followed these steps, it should have worked for you too, unless there is something unique regarding your network setup that prohibits it.

Let us know about your network setup, and verify that you can get to the internet ok before starting Gpptp.