PPTP Tunneling

From DD-WRT Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 03:56, 30 August 2006 (edit)
Coperton (Talk | contribs)
(Router A > VPN > Router B)
← Previous diff
Revision as of 03:59, 30 August 2006 (edit) (undo)
Coperton (Talk | contribs)
(Router B > VPN > Router A)
Next diff →
Line 92: Line 92:
# Set "Remote Subnet" to "192.168.1.0" # Set "Remote Subnet" to "192.168.1.0"
# Set "Remote Subnet Mask" to 255.255.255.0 # Set "Remote Subnet Mask" to 255.255.255.0
-# Set "MPPE Encryption" to required+# Set "MPPE Encryption" to "mppe required"
# Set "MTU" to 1450 # Set "MTU" to 1450
# Set MRU to 1450 # Set MRU to 1450

Revision as of 03:59, 30 August 2006

Contents

Point-to-Point Tunneling with two DD-WRT

The configuration below was tested using two WRT54Gs (Hardware v2.2) and DD-WRT v23 SP1 std.

Scenario

  • Network A in location "a"
Router A address 192.168.1.1
DHCP range 192.168.1.100-150
Dyndns address "direccion_de_A.dyndns.org"


  • Network B in location "b"
Router B address 192.168.2.1
DHCP range 192.168.2.100-150
Dyndns address "direccion_de_B.dyndns.org"


The purpose of this setup is to connect to any IP Address on network A or B from network A or B.

Configuration

For Both Routers

  1. Goto "Administration" tab and "Management" sub-tab
  2. Enable DNSmasq and Local DNS
  3. Disable Loopback

http://img237.imageshack.us/img237/9766/loopbackzs4.jpg

Note: Loopback must be disable because VPN doesn't always work when it is enabled.

For Router A

Router B > VPN > Router A

  1. Goto "Administration" tab and "Services" sub-tab
  2. Enable PPTP Server
  3. Set "Server IP or DNS Name" to "192.168.1.1"
  4. Set "Client IP(s)" to "192.168.1.200-250"
  5. Set "CHAP-Secrets" to "usernameA * passwordA *"
  6. Apply Changes

Router A > VPN > Router B

  1. Goto "Administration" tab and "Services" sub-tab
  2. Enable PPTP Client
  3. Set "Server IP or DNS Name" to the location of Server B (direccion_de_B.dyndns.org)
  4. Set "Remote Subnet" to "192.168.2.0"
  5. Set "Remote Subnet Mask" to 255.255.255.0
  6. Set "MPPE Encryption" to "mppe required"
  7. Set "MTU" to 1450
  8. Set MRU to 1450
  9. Set Username to usernameB
  10. Set password to passwordB
  11. Apply Changes

http://img162.imageshack.us/img162/22/ruteadora6ir.jpg

For Router B

Router A > VPN > Router B

  1. Goto "Administration" tab and "Services" sub-tab
  2. Enable PPTP Server
  3. Set "Server IP or DNS Name" to "192.168.2.1"
  4. Set "Client IP(s)" to 192.168.2.200-250"
  5. Set "CHAP-Secrets" to "usernameB * passwordB *"
  6. Apply Changes

Router B > VPN > Router A

  1. Goto "Administration" tab and "Services" sub-tab
  2. Enable PPTP Client
  3. Set "Server IP or DNS Name" to the location of Server A (direccion_de_A.dyndns.org)
  4. Set "Remote Subnet" to "192.168.1.0"
  5. Set "Remote Subnet Mask" to 255.255.255.0
  6. Set "MPPE Encryption" to "mppe required"
  7. Set "MTU" to 1450
  8. Set MRU to 1450
  9. Set Username to usernameA
  10. Set password to passwordA
  11. Apply Changes

http://img73.imageshack.us/img73/4391/ruteadorb3nn.jpg

Notes

  • The subnets should not intersect each other (i.e. The third octet of direction IP (192.168.thirdoctet.1) of the network A must be different of the network B.
  • The range of Client IP(s) must be outside the range of DHCP clients.
  • In the example the IP range that occurred for clients vpn ("Client IP(s)") was 192.168.x.200-250 therefore 51 VPN clients allowed

Monitoring

To monitoring and guarantee the connection you can setup Watchdog. The following instructions will setup watchdog to monitor the connection every five minutes.

On both routers:

  1. Goto "Administration" tab and "Keep Alive" sub-tab.
  2. Enable Watchdog
  3. Set "Interval" to 300
  4. Set IP Addresses to "192.168.1.200 192.168.2.200"

http://img201.imageshack.us/img201/9416/keepaliveye2.jpg


Another way to make VPN tunnel

http://www.dd-wrt.com/phpBB2/viewtopic.php?t=1767


Useful Links

PPTP_Server_Configuration

HOW_TO_configure_a_WINDOWS_BOX_to_make_a_VPN_Connection_to_linksys