Novell is now a part of Micro Focus

Setting up VPN on SUSE 10

Novell Cool Solutions: Tip
By Kevin Alexander

Digg This - Slashdot This

Posted: 28 Jun 2006


I needed to connect to the office VPN as well as browse the Internet over my local Lan connection any time I am outside the office. I use a laptop (Suse 10.0 KDE 3.5 you can the read the ongoing saga of my SUSE laptop here so my connection could be modem(modem0), Ethernet(eth0) or the preferred wireless (ath0) connection. I used the tools that were included in SUSE 10 and I guess you could say the VPN worked "right out of the box" in SUSE10. (this is a first for me on Linux as server to server IPSec or VPN is relatively easy but a user managed VPN is something a little new for Linux)


Here is an excellent "how to" without which I would have been lost:

(a) In YaST2 select Network Devices then DSL.

(b) Add a custom provider with an Authorization User Name that matches your PPTP server account.

Note** The provider name should match your windows domain (at the office) or it should be the host name of your VPN server eg;

User and password are those provided by your VPN admin

Next I deselected modify DNS when connected and external firewall interface.

I set idle timeout to 0 so I could just disconnect when I wanted.

In IPDetails I deselected default route

(c) Add a DSL device with PPP Mode set to Point to Point Tunneling Protocol and Modem IP set to your PPTP server IP address.

BTW when you modify anything in DSL Configuration in YAST you will loose network connectivity and you must issue a "sudo /sbin/rcnetwork restart" once you commit your changes because the network halts for some reason. (hummm suse is this a bug??).

Next I modified /etc/ppp/peers/pptp with:

mtu 1450
mru 1450

**note these items should match those set my your VPN admin
** we used mppe because a few people will need to connect via windoze<sic> and the mtu/mru were set low because of the encryption overhead.

then I created /etc/ppp/ip-up.local with:

if [ "$1" = "dsl0" ]; then
 /sbin/route add -net netmask dev dsl0
 /sbin/route add -net netmask dev dsl0

You will have to ask your system admin what your default subnets are and change then accordingly Also make ip-up.local executable with "chmod +x ip-up.local.

Next in YAST modify sysconfig:

system > etc/sysconfig editor
other > etc >  sysconfig > SUsefirewall2





(d) Try the connection using Kinternet, by selecting DSL0.

It is that simple.

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Copyright Micro Focus or one of its affiliates