pptpd with radiusclient2 on ubuntu 16.04

In this tutorial we are trying to explain how to setup pptp vpn on Ubuntu machine and authenticate through radius server using radius client.

The Problem here we face is listed. If you run a command on Ubuntu 16.04 apt-get install radiusclient1. You will find the error “E: Package ‘radiusclient1’ has no installation candidate”

Now we have to find the updated version and to install on the server for pptpd vpn connection. Let see how it is going.

  1. Install pptpd server
    1. apt-get update
    2. sudo apt-get install ppp pptpd
    3. apt-cache pptpd
    4. vim /etc/pptpd.conf (Please check all the below options are enable in the file .)
      • option /etc/ppp/pptpd-options
      • logwtmp
      • localip 10.0.0.1
        remoteip 10.0.0.10-100
    5. vim /etc/ppp/pptpd-options(enable or add the below lines to the file)
      • name pptpd
      • refuse-pap
        refuse-chap
        refuse-mschap
      • require-mschap-v2
        # Require MPPE 128-bit encryption
        # (note that MPPE requires the use of MSCHAP-V2 during authentication)
        require-mppe-128
      • ms-dns 8.8.8.8
        ms-dns 8.8.4.4
      • proxyarp
      • nodefaultroute
      • lock
      • nobsdcomp
      • novj
      • novjccomp
      • nologfd
      • plugin radius.so
        plugin radattr.so
    6. vim /etc/sysctl.conf (set the rules for nating)
      • net.ipv4.ip_forward=1
    7. sysctl -p
    8. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    9. iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
    10. iptables -A INPUT -i eth0 -p gre -j ACCEPT
    11. iptables -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
    12. apt-get install iptables-persistence
    13. vim /etc/ppp/ip-up
      • /sbin/ifconfig $1 mtu 1400
    14. /etc/init.d/pptpd restart
    15. sudo apt-get install radiusclient1 unzip (E: Package ‘radiusclient1’ has no installation candidate)
    16. sudo apt-get install radiusclient1 ( there is no package available for radiuclcient1) So we have to install it with updated module libfreeradius-client2 and libfreeradius-client-dev)
    17. sudo apt-get install -y pptpd iptables libfreeradius-client2 libfreeradius-client-dev supervisor
    18. cd /etc/radiusclient/
    19. vim radiusclient.conf
      • auth_order radius,local
        login_tries 4
        login_timeout 60
        nologin /etc/nologin
        issue /etc/radiusclient/issue
        authserver 192.168.56.103:1812 # radius server IP address
        acctserver 192.168.56.103:1813 # radius server IP address
        servers /etc/radiusclient/servers
        dictionary /etc/radiusclient/dictionary
        login_radius /usr/sbin/login.radius
        seqfile /var/run/radius.seq
        mapfile /etc/radiusclient/port-id-map
        default_realm
        radius_timeout 10
        radius_retries 3
        login_local /bin/login
    20. vim servers
      • include the radius server IP address and radius secret
    21. wget -c fadhly.web.id/files/dictionary.microsoft.zip
    22. apt-get install unzip
    23. unzip dictionary.microsoft.zip
    24. mv dictionary.microsoft /etc/radiusclient/
    25. vim dictionary
      • INCLUDE /etc/radiusclient/dictionary.microsoft
    26. vim /etc/ppp/pptpd-options
      • plugin radius.so
        plugin radattr.so
    27. /etc/init.d/pptpd restart
    28. Add the child server to your nas table of free-radius server. restart the radius server with freeradius -X and try connecting to the pptpd server through vpn client.
    29. tail -f /var/log/syslog
      • Aug 10 07:51:57 ip-172-26-5-93 pptpd[7781]: CTRL: Client 39.60.*.* control connection started
        Aug 10 07:51:58 ip-172-26-5-93 pptpd[7781]: CTRL: Starting call (launching pppd, opening GRE)
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: Plugin radius.so loaded.
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: RADIUS plugin initialized.
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: Plugin radattr.so loaded.
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: RADATTR plugin initialized.
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: pppd 2.4.7 started by root, uid 0
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: Using interface ppp0
        Aug 10 07:51:58 ip-172-26-5-93 pppd[7782]: Connect: ppp0 <–> /dev/pts/2
        Aug 10 07:51:59 ip-172-26-5-93 pppd[7782]: /etc/radiusclient/radiusclient.conf: line 83: unrecognized keyword: radius_deadtime
        Aug 10 07:51:59 ip-172-26-5-93 pppd[7782]: peer from calling number 39.60.75.41 authorized
        Aug 10 07:51:59 ip-172-26-5-93 kernel: [2372552.298253] PPP MPPE Compression module registered
        Aug 10 07:52:02 ip-172-26-5-93 pppd[7782]: MPPE 128-bit stateless compression enabled
        Aug 10 07:52:03 ip-172-26-5-93 pppd[7782]: Cannot determine ethernet address for proxy ARP
        Aug 10 07:52:03 ip-172-26-5-93 pppd[7782]: local IP address 10.0.0.1
        Aug 10 07:52:03 ip-172-26-5-93 pppd[7782]: remote IP address 10.0.0.10

Leave a Reply

Your email address will not be published. Required fields are marked *