PPTP PopTop How To for Fedora Core 2 (fc2) and Linux 2.6.9
# linux 2.6 linux-2.6 net/bpf.h error cure inside

Downloads:
    linux-2.6.9
    linux-2.6.8-mppe-mppc-1.1.patch
    ppp-2.4.2-1.src.rpm
    pptp-1.1.4-b4

Save following to /usr/src
    ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-2.6.9.tar.bz2
    http://www.polbox.com/h/hs001/linux-2.6.8-mppe-mppc-1.1.patch.gz
    http://prdownloads.sourceforge.net/poptop/pptpd-1.1.4-b4.tar.gz?download
    http://prdownloads.sourceforge.net/poptop/ppp-2.4.2-1.src.rpm?download

cd /usr/src
bzip2 -cd linux-2.6.9.tar.bz2|tar -xv
gunzip linux-2.6.8-mppe-mppc-1.1.patch.gz    #Will unzip to linux-2.6.8-mppe-mppc-1.1.patch
rpm -Uvh ppp-2.4.2-1.src.rpm    #Puts source in /usr/src/redhat/SOURCES
cp /usr/src/redhat/SOURCES/* /usr/src
tar -xzvf ppp-2.4.2.tar.gz
tar -xzvf pptpd-1.1.4-b4.tar.gz

cd linux-2.6.9
patch -p1 <../linux-2.6.8-mppe-mppc-1.1.patch

cd /usr/src/linux-2.6.5-1.358    #Or whatever the current kernel is called (Not the new kernel we are going to use)
make menuconfig
cp .config ../linux-2.6.9    #Copy the config file to the new kernel directory

cd /usr/src/linux-2.6.9
make menuconfig
    Device Drivers->
        Networking Support->
            PPP BSD-Compress compression
            Microsoft PPP compression/encryption (MPPC/MPPE)
make clean bzImage modules
make modules_install    # You may get link warning regarding mtd module. Ignore unless you want to disable in menuconfig
make install

Edit file /boot/grub/grub.conf
#Change the default entry
    default=0
#Set default to reference new kernel. If the new kernel is the first one then set default=0

cd /usr/src/ppp-2.4.2
./configure
make
#Note: if you get an error regarding bpf.h ie:
    demand.c:53:22: net/bpf.h: No such file or directory
    make[1]: *** [demand.o] Error 1
#Then change the following files:
#Edit /usr/src/ppp-2.4.2/pppd/demand.c <--- Find and change to
#Edit /usr/src/ppp-2.4.2/pppd/sys-linux.c <--- Find and change to
#Edit /usr/src/ppp-2.4.2/pppd/plugins/rp-pppoe/if.c <--- Find and change to
#make clean
#make
#Error should now be gone!
make install

cd /usr/src/poptop-1.1.4
./configure
make
make install

Edit /etc/modprobe.conf
#Add following lines
    alias char-major-108 ppp_generic
    alias tty-ldisc-3 ppp_async
    alias tty-ldisc-14 ppp_synctty
    alias ppp-compress-18 ppp_mppe_mppc
    alias ppp-compress-21 bsd_comp
    alias ppp-compress-24 ppp_deflate
    alias ppp-compress-26 ppp_deflate

cp /usr/src/pptp/poptop-1.1.4/samples/pptpd.conf /etc

Edit file /etc/pptpd.conf
remove # from
    option /etc/ppp/options.pptpd
#At end of file add line similar to
    localip 192.168.0.200
#This will be the ip address at this side of the vpn tunnel. The Remote address will be assigned in chap-secrets
#In my example 192.168.0.0 is my internal network and I chose 200 and above to represent my vpn addresses

Edit file /etc/ppp/options.pptpd
#The only lines you probably want are
    lock
    debug
    name *
    mtu 1490
    mru 1490
    proxyarp
    auth
    require-mppe
    #ms-wins your.server.here
#<--- If you have a wins server and want to use it add this line and remove #
#Note: server must also be in resolv.conf

Edit /etc/ppp/chap-secrets
#User names don't need to be set up on the linux server. They only need to be in this file
#User: hairbrain with password: mysecret_123 will be assigned ip address 192.168.2.201 when connected
#this way you can count on their computer shares being at a specific ip address. Ex: //192.168.2.201/LaserJet
#You can see who is connected by using ifconfig and looking at the ppp entries
    # Secrets for authentication using CHAP
    # client        server  secret          IP addresses
    hairbrain       *       mysecret_123    192.168.2.201

Now we need to set up holes through the firewall if a firewall exists.

Create file: /etc/ppp/ip-up.local
#Add following lines. Only first 3 lines need to be changed.
    #!/bin/sh
    ipinternal_network="192.168.0.0/24"    # set to your internal network as opposed to external network.
    ipinternal="192.168.0.113"    # set to ip address for this computer's internal network card
    internal="eth0"    # set to name of internal network card
    # Arguments passed in by pppd
    ppp=$1
    ttyprt=$2
    baudrt=$3
    localip=$4
    remoteip=$5
    # Only act on pptpd sessions, which run on a pseudo-terminal
    case $2 in
    /dev/pts/*)
        echo "$(date): ip-up 1:$1 2:$2 3:$3 4:$4 5:$5 6:$6" >> /var/log/pptpd.log
        /sbin/iptables -P FORWARD DROP
        echo 1 > /proc/sys/net/ipv4/ip_forward
        /sbin/iptables -I FORWARD -s $remoteip -d $ipinternal_network -j ACCEPT
        /sbin/iptables -I FORWARD -s $ipinternal_network -d $remoteip -j ACCEPT
        /sbin/iptables -I INPUT -i $ppp -s $ipinternal_network -j ACCEPT
        /sbin/iptables -I OUTPUT -o $ppp -d $ipinternal_network -j ACCEPT
        echo "$(date): ip-up Firewall rules set for $1:$5" >> /var/log/pptpd.log
        ;;
    esac

Create file: /etc/ppp/ip-down.local
#Add following lines. Only first 3 lines need to be changed. Same as ip-up.local
    #!/bin/sh
    ipinternal_network="192.168.0.0/24"    # set to your internal network as opposed to external network.
    ipinternal="192.168.0.113"    # set to ip address for this computer's internal network card
    internal="eth0"    # set to name of internal network card
    # Arguments passed in by pppd
    ppp=$1
    ttyprt=$2
    baudrt=$3
    localip=$4
    remoteip=$5
    # Remove exactly the rules that ip-up.local inserted for this session
    case $2 in
    /dev/pts/*)
        echo "$(date): ip-down 1:$1 2:$2 3:$3 4:$4 5:$5 6:$6" >> /var/log/pptpd.log
        /sbin/iptables -D FORWARD -s $remoteip -d $ipinternal_network -j ACCEPT
        /sbin/iptables -D FORWARD -s $ipinternal_network -d $remoteip -j ACCEPT
        /sbin/iptables -D INPUT -i $ppp -s $ipinternal_network -j ACCEPT
        /sbin/iptables -D OUTPUT -o $ppp -d $ipinternal_network -j ACCEPT
        echo "$(date): ip-down Firewall rules removed for $1:$5" >> /var/log/pptpd.log
        ;;
    esac

Now change their execution rights
chmod a+x /etc/ppp/ip-up.local /etc/ppp/ip-down.local

Last item: A startup script!!!

Create file: /etc/init.d/pptpd.init
#Add following lines.
    #!/bin/sh
    #
    # Startup script for pptpd
    #
    # chkconfig: 345 85 15
    # description: PPTP server
    # processname: pptpd
    # config: /etc/pptpd.conf

    # Source function library.
    . /etc/rc.d/init.d/functions

    # See how we were called.
    case "$1" in
    start)
        echo -n "Starting pptpd: "
        # Refuse to start a second copy if the lock file is present
        if [ -f /var/lock/subsys/pptpd ] ; then
            echo
            exit 1
        fi
        /usr/local/sbin/pptpd -d
        echo
        touch /var/lock/subsys/pptpd
        ;;
    stop)
        echo -n "Shutting down pptpd: "
        killproc pptpd
        echo
        rm -f /var/lock/subsys/pptpd
        ;;
    status)
        status pptpd
        ;;
    restart)
        $0 stop
        $0 start
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
    esac
    exit 0

We need to make it executable.
chmod a+x /etc/init.d/pptpd.init

Now we can start the process!
/etc/init.d/pptpd.init start

We can set this up to automatically start through serviceconf
Must be in an xwindows environment
run serviceconf or find it in the redhat menu somewhere.
    Actions
        Add service
            pptpd.init
It should default to run for run-levels 3, 4, and 5

Connection problems will show up in /var/log/messages
use: tail -20 /var/log/messages to look at last 20 lines
The ip-up and ip-down scripts will put ppp info into /var/log/pptpd.log

Some side notes when setting up Microsoft Windows computers.
This applies to Windows98 through WindowsXP
Make sure to shut off "Use default gateway on remote network"
In WindowsXP under the created vpn properties
    Properties->Networking
        Internet Protocol (TCP/IP) -> properties
            Advanced button
                Uncheck: Use default gateway on remote network
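
A check for the /etc/ppp/chap-secrets step above, added here as an example and not part of the original how-to: it reports loose file permissions on the plaintext secrets file, short secrets, entries that do not pin a tunnel address, and two users pinned to the same address. The function name audit_chap_secrets, the finding labels and the 12 character minimum are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not part of the original how-to. Audits a chap-secrets file
# in the layout shown above: client  server  secret  IP address.
# Assumptions: secrets contain no whitespace; 12 characters is the minimum.

audit_chap_secrets() {
    file=$1
    [ -r "$file" ] || { echo "ERROR cannot read $file"; return 2; }

    # Secrets are stored in plaintext: group and other need no access at all.
    perms=$(ls -ld "$file" | cut -c5-10)
    [ "$perms" = "------" ] || echo "PERM group/other bits '$perms', want mode 600"

    awk -v minlen=12 '
        /^[ \t]*#/ || NF == 0 { next }   # skip comments and blank lines
        NF < 4 { print "MALFORMED line " NR ": want client server secret address"; next }
        {
            client = $1; secret = $3; ip = $4
            if (length(secret) < minlen)
                print "WEAK " client " secret is under " minlen " characters"
            if (ip == "*")
                print "UNPINNED " client " may take any address"
            else if (ip in owner)
                print "DUPIP " client " shares " ip " with " owner[ip]
            else
                owner[ip] = client
        }
    ' "$file"
}

# Constructed sample: the first entry is the one from the how-to, the other
# two are invented to trigger findings. Mode 644 is set on purpose.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
chmod 644 "$sample"
cat > "$sample" <<'EOF'
# client    server  secret                    IP addresses
hairbrain   *       mysecret_123              192.168.2.201
alice       *       short                     192.168.2.201
bob         *       a-much-longer-passphrase  *
EOF

audit_chap_secrets "$sample"
```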