HOWTO Use VPN
The router running at i3Detroit runs a PPTP VPN endpoint, which members can use to gain remote access to the space. Once you are connected, the i3 fileshare and any of the remote desktop protocol machines should work as if you were on the network in the space.
For credentials, please contact Mark Furland or Amelia Meyer at least a week before needed, please!
Contents
Windows 10
Adapted from [1]
1. Add a new VPN connection. Go to Settings > Network & Internet > VPN > Add a VPN connection
VPN Provider: Windows (built-in) Connection name: PPTP Server name: space.i3detroit.org VPN Type: Point to Point Tunneling Protocol (PPTP) Type of sign-in info: User name and password User name: <username> Password: <secret>
2. Navigate to the Windows 10 Network connections. Go to Settings > Network & Internet > Status > Change Adapter Options > PPTP Adapter properties
Security > Allow these protocols > Microsoft CHAP Version 2 (MS-CHAP v2)
NetworkManager
- For debian, the package is `network-manager-pptp-gnome`
- space.i3detroit.org, username+pass
- Disable auth methods that aren't MSCHAPv2
- enable MPPE, I left it as "all available" for security.
Mac OS
Adapted from [2]
≤10.11
For older OS X (macOS) versions, the setup of a PPTP VPN connection consists of the following steps:
- Click on the Apple icon in the top left corner of your screen.
- Open System Preferences > Network.
- Click on the “+” button from the left panel.How to set up a PPTP connection on Mac - Leopard
- For the Interface, select the VPN option.
- Next, select PPTP as the VPN Type and type-in a Service Name.
- Click on the Create button.
- Enter the VPN server name or IP to the Server Address textbox and the VPN user name to the Account Name field.
- Further, click the Authentication Settings button and enter your VPN account access password. Click the OK button.
- Lastly, click the Connect button.
To disable the VPN on Mac, enter the VPN connection properties (System Preferences > Network > VPN connection name) and click on the Disconnect button.
>10.11, <10.15
Even though for these macOS versions, PPTP is no longer available in the macOS built-in VPN client, a PPTP connection can still be set up.
A simple script can be created to configure and directly use the PPTP.ppp
plugin in order to initiate a VPN over PPTP connection.
Basically, you need to create a file and paste the following commands:
plugin PPTP.ppp noauth remoteaddress "space.i3detroit.org" user <username> password <secret> redialcount 1 redialtimer 5 idle 1800 # mru 1368 # mtu 1368 receive-all novj 0:0 ipcp-accept-local ipcp-accept-remote refuse-eap refuse-pap refuse-chap-md5 hide-password mppe-stateless mppe-128 # require-mppe-128 looplocal nodetach ms-dns 8.8.8.8 usepeerdns # ipparam gwvpn defaultroute debug
Then, from the Terminal app, execute the commands in the file with the PPTP.ppp
plugin:
sudo pppd file ~/path-to-your-file/vpn.txt
The script will create a VPN connection to the specified server and it will authenticate with the provided username and password.
To disable the VPN stop the pppd
process:
killall pppd
10.15
Unfortunately, Apple hates us, and got rid of PPTP entirely. The best option recommended is PrimoVPN, which is not free. Alternatively, you may be able to make these instructions work to add your own PPTP.ppp
library.
How to add users
Adapted from [3]
On the router CLI (either in the webUI or over SSH), this process:
configure set vpn pptp remote-access authentication local-users username <username> password <secret> commit save exit
Please make regular backups and put them in the Admin/infrastructure/network_backups/router/
share on Google Drive.