Dialup PPP Server HOWTO

Building a stand-alone Dialup server with Linux

Michael Cassera Las Vegas Data LLC.
michaelc@lasvegasdata.com
Eric Womack Las Vegas Data LLC.
eric@lasvegasdata.com
SGML Markup

2002-03-01

.2  2002-03-03  Typo cleaning, pap-secrets clarified
.1  2002-03-01  Initial Write-Up

This document is compiled from several other HOWTOs to make a single HOWTO that strictly deals with building a dialup server.

What to Install

You will need mgetty and pppd for this HOWTO. The base Linux install for this HOWTO is Red Hat 7.2. pppd is installed by default, but mgetty is not. Do a server install and choose to select individual packages. Select mgetty and continue with the install.

PPP Server Setup

For this HOWTO we are adding an external modem to ttyS1. Adjust the settings to your setup. External modems usually end up on ttyS0 or ttyS1. Internal modems usually do not.

ttyS# discovery

Red Hat is pretty good at finding internal modems as long as they are not the "winmodem" type. It assigns a ttyS number to the modem and creates a symbolic link from /dev/modem to it. To find the ttyS number for your modem, run the stat command:

    stat /dev/modem

You will get a bunch of information regarding the link, but the first line will look something like this:

    File: "/dev/modem" -> "/dev/ttyS1"

Use that ttyS number for the rest of this HOWTO.

inittab

Add one line to the end of /etc/inittab (one for each modem):

    S1:2345:respawn:/sbin/mgetty -D ttyS1

The "-D" tells mgetty to treat the modem as a data modem. No fax.

mgetty+sendfax/login.config

You need to edit the /etc/mgetty+sendfax/login.config file to enable AutoPPP (a_ppp). The command is already in the file, but has a leading "#". Simply remove the "#" from the front of the command and save the file. It should look like the following:

    /AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login debug

You should not need to change anything else, since we will put all our connection settings in /etc/ppp/options and /etc/ppp/pap-secrets.

pap-secrets

Update /etc/ppp/pap-secrets. Type in "*" for client, "*" for server, "" for secret and "*" for IP address (omit the quotes except for secret, which gets only one set of double quotes). This configuration gives every registered user on the dialup server computer remote access to log in: the "" secret matches any password in pap-secrets, and the login option on the pppd command line above makes pppd check the supplied user name and password against the system password database. You could also specify usernames, passwords and IP addresses for PAP authentication.
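
The wildcard entry described above can be detected with a short audit script. This is an added example, not part of the original HOWTO; the function names and the account name alice are invented for illustration, and it assumes secrets contain no whitespace.

```shell
#!/bin/sh
# Added example (not from the HOWTO): flag permissive pap-secrets entries.
# Fields per line: client server secret [IP addresses]; "#" starts a comment.
# Assumption: secrets contain no whitespace (awk splits fields on blanks).

# audit_pap_secrets FILE: print one finding per line, return 1 if any found.
audit_pap_secrets() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }    # skip blank lines and comments
        {
            if ($1 == "*" && $3 == "\"\"") {
                printf "line %d: any user name, password left to pppd login: every system account can dial in\n", NR
                n++
            } else if ($1 == "*") {
                printf "line %d: one shared secret is accepted for any user name\n", NR
                n++
            }
            if ($4 == "*") {
                printf "line %d: peer IP address is not restricted\n", NR
                n++
            }
        }
        END { exit (n > 0) }
    ' "$1"
}

# Constructed sample: the wildcard line from this HOWTO plus a hypothetical
# per-user entry ("alice" is an invented account name).
sample_pap_secrets() {
    cat <<'EOF'
# client  server  secret  IP addresses
*         *       ""      *
alice     *       ""      192.168.1.151
EOF
}

# Demo on the constructed sample. On a real server, call
# audit_pap_secrets /etc/ppp/pap-secrets instead.
tmp=$(mktemp)
sample_pap_secrets > "$tmp"
audit_pap_secrets "$tmp" || echo "review the entries listed above"
rm -f "$tmp"
```

The per-user line passes because it names one account and one client address; with the login option its "" secret still defers the password check to the system password database.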

When finished, the file should look like this:

    # client    server    secret    IP addresses
    *           *         ""        *

ppp-options

Open /etc/ppp/options for editing. The file contains the system-wide default and initialization options for pppd. The default file simply says "lock" on the first line. Add the following options so that the file matches this:

    lock
    -detach
    modem
    crtscts
    proxyarp
    asyncmap 0

lock: Create a lock file to have exclusive access to the particular device.
-detach: Tells pppd not to fork (become a background process).
modem: Use the modem control lines. Unless otherwise specified, the client will wait for a signal from the modem to be asserted when opening the serial device.
crtscts: Use hardware flow control.
proxyarp: Makes the client appear to its peers to be on the LAN.
asyncmap 0: Tells pppd not to set up and use escape control sequences.

options.ttyS#

To set a specific client and server IP for each tty, create an /etc/ppp/options.ttyS# file for each tty. Our example uses ttyS1, so the file we create is /etc/ppp/options.ttyS1. For each serial line you set a server IP and a client IP in the following format:

    serverIP:clientIP

For example, if the dialup server's IP address on the network is 192.168.1.32 and you want the remote machine dialing in to have an IP of 192.168.1.151, you would add the following line to options.ttyS#:

    192.168.1.32:192.168.1.151

Getting the remote machine internet access

All that we have done to this point is get a PPP connection between the dialup server and the remote machine. To allow the remote machine access to the internet through the LAN that the dialup server is connected to, we need to edit /etc/sysconfig/ipchains and /etc/sysctl.conf.

ipchains

Edit the file /etc/sysconfig/ipchains. More than likely this file does not yet exist. Add the following line:

    -A forward -s xxx.xxx.xxx.0/24 -j MASQ

Replace the "xxx" with the appropriate IP address.
An example on our network might look like this:

    -A forward -s 192.168.1.0/24 -j MASQ

Save the file.

sysctl.conf

Edit the /etc/sysctl.conf file. Change:

    net.ipv4.ip_forward = 0

to:

    net.ipv4.ip_forward = 1

This will enable packet forwarding to the remote computer. Reboot the computer and it should be ready to receive a call from a remote machine.

Credit

Much of the information here is copied from PPP Quick Setup Tips.

License

GNU Free Documentation License http://www.gnu.org/copyleft/fd1.html

Copyright (C) 2002 Michael Cassera

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.