Why still Intrepid (Ubuntu 8.10) server? I just don't have time to upgrade it. For a server, as long as it is secure and stable, no need for the cutting edge.
Why VPN? Check wiki. For me, I want to access some location sensitive files while I am on the iPhone via 3G network.
How? There is an excellent How-To in Chinese. I followed it and it works! This post is a summary of what I did.
For iPhone, three VPN protocols are supported: L2TP, PPTP and Cisco IPSec. I am going to install a pptpd on my Ubuntu server.
- Get the server installed.
sudo apt-get install pptpd
- Edit /etc/pptpd.conf file to setup the IP address for connected clients. Enable localip and remoteip to something like
localip 10.100.113.1 remoteip 10.100.113.2-4
- Use /etc/resolv.conf to find the DNS of the system, and edit /etc/ppp/pptpd-options to enable ms-dns - something like
ms-dns 18.104.22.168 ms-dns 22.214.171.124
- Set the VPN account by editing /etc/ppp/chap-secrets. For an account test with password TSET that can connect from any where
test pptpd TSET *
- Restart the server by executing
sudo /etc/init.d/pptpd restart
- Enable forward for Internet connection. First, edit /etc/sysctl.conf file to enable
sudo sysctl -p
Second, use iptables (install by apt-get) to setup a route
sudo iptables -t nat -A POSTROUTING -s 10.100.113.0/24 -o eth0 -j MASQUERADE
- Setup VPN in the iPhone by General > Network > VPN > PPTP. Enable Auto encryption level. Keep RSA SecurID off.
It should work now.
- Automatically enable iptables after rebooting. First, save the working iptables by
# iptables-save > /etc/iptables-rules
Second, edit /etc/network/interfaces to something like
# The primary network interface auto eth0 iface eth0 inet dhcp pre-up iptables-restore < /etc/iptables-rules
That is all I did and I don't need to tweak other things as listed in the original post. I also tested on a windows xp machine, which works like a charm. Enjoy Ubuntu!