Linux VPN server installation for use with iPhone
I was looking into getting a VPN connection from my iPhone to my server because I don't want to send my email and web passwords in the clear over public WiFi. Setting up an open source VPN connection from the iPhone is fairly simple, but there is not much choice of software. To my knowledge OpenVPN and Openswan are not supported, so my choice came down to Poptop. It is probably not the most secure solution, because it uses the Microsoft protocol, which has a few flaws, but I figured it would be much safer than nothing, and if there is an evil WiFi I would guess they will just go for the easy targets.
My install is a CentOS 5.2 installation, but it should work under any fairly recent Linux distribution.
Setting up a Poptop VPN for the iPhone takes just four steps:
1 Installing Poptop on your Linux server
Some distributions already have pptpd. If yours does not, you can install it from source with the following steps.
Download the latest pptpd from Sourceforge.
Unpack pptpd, configure and run make install:
    tar -zxvf pptpd-1.3.4.tar.gz
    cd pptpd-1.3.4
    ./configure
    make
    make install
2 Configuring pptpd (poptop)
Now we need to configure the different files pptpd uses to set up the VPN:
/etc/pptpd.conf
    option /etc/ppp/options.pptpd
    localip 192.168.8.1
    remoteip 192.168.8.234-238
/etc/ppp/options.pptpd
    name pptpd
    refuse-pap
    refuse-chap
    refuse-mschap
    require-mschap-v2
    require-mppe-128
    #opendns dns services, you can replace this by your dns provider
    ms-dns 208.67.222.222
    ms-dns 208.67.220.220
    lock
    nobsdcomp
    nologfd
/etc/ppp/chap-secrets
    # Secrets for authentication using CHAP
    #set one or more username and passwords to use with the pptp VPN
    # username pptpd password IP addresses
    username pptpd password *
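A quick audit of the two files above, as an added example that is not part of the original post: it reports any of the article's authentication and encryption directives that are missing or commented out in options.pptpd, and flags a chap-secrets file that is readable by others or holds short passwords. The function names and the 12-character minimum are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit the pptpd files from step 2.
# Function names and the 12-character minimum are assumptions of this example.

# Directives from the article's options.pptpd that stop weaker authentication
# (PAP, CHAP, MS-CHAPv1) or an unencrypted session from being negotiated.
REQUIRED="refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128"
MIN_SECRET_LEN=12

# Print every required directive that has no active (uncommented) line.
missing_directives() {
    for d in $REQUIRED; do
        # Directive must be the first word; "refuse-mschap-v2" is not "refuse-mschap".
        if ! grep -Eq "^[[:space:]]*$d([[:space:]]|\$)" "$1"; then
            echo "$d"
        fi
    done
}

# Print findings for a chap-secrets file, which stores passwords in plaintext.
secrets_findings() {
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ] || echo "permissions too open"
    # Fields: client, server, secret, allowed addresses. Skip comments and blanks.
    awk -v min="$MIN_SECRET_LEN" 'NF >= 3 && $1 !~ /^#/ {
        s = $3; gsub(/"/, "", s)
        if (length(s) < min) print "short secret: " $1
    }' "$1"
}

# When run with two arguments: sh audit.sh /etc/ppp/options.pptpd /etc/ppp/chap-secrets
if [ $# -eq 2 ]; then
    missing_directives "$1" | sed 's/^/missing: /'
    secrets_findings "$2"
fi
```

No output means every directive is active and the secrets file is private with passwords of at least the assumed minimum length.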
3 Setup the server for Masquerading/NAT
Because we want to share the server's internet connection with the iPhone, we need to do NAT. The following lines enable this. I am assuming eth0 is the network interface connected to the internet. First try them out by copying and pasting them into bash; to keep the setup working after a reboot, copy the same lines into /etc/rc.local.
    echo 1 > /proc/sys/net/ipv4/ip_forward
    /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    /sbin/iptables -A FORWARD -i eth0 -o ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    /sbin/iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
    #and start pptpd
    /usr/local/sbin/pptpd
4 Configuring the iPhone
On your iPhone click Settings > Network > VPN > Add VPN Configuration
Click PPTP and fill in a description
the hostname of the server
account = the username you entered in /etc/ppp/chap-secrets
RSA SecurID: OFF
password = the password you entered in /etc/ppp/chap-secrets
Encryption Level = Auto
Send All Traffic: ON
Now press Save; when you turn VPN to ON, it should connect to the server.
If you have any problems, don't hesitate to ask in the comments.

Posted by: Tim on Sep 28th, 2008
September 29th, 2008 at 2:53 pm
[...] got the VPN server Poptop working with the iPhone. If anyone is interested: I have posted a description online of how to install and configure this server and how to get your iPhone [...]