I know this is not related to anything in this blog, but I thought it’d be important to share the information.
So I created a PPTP VPN at my home after changed my router’s firmware to dd-wrt, and it’s been working smoothly. But this tip will be useful for any kind of PPTP server and (probably) Linux clients.
After getting bored for need to connect to another VPN site to get access to Kakao’s current server, I decided to install a PPTP-Client on it and connect to my home network. It’s even better when I’m out of home that I only need to connect to one VPN instead of two.
For my surprise on Kakao server I was able to ping/connect only to my router with IP address 192.168.10.253, but nothing else! Idea was also to use same DB as new server is restoring and running on new domain (www.kakaostats.net).
Basically all howto’s I found on internet suggested to create a script adding route to VPN network like this:
route add -net 192.168.10.0/24 dev ppp0
Where ppp0 is the virtual device connected to VPN network. But this sh*t never worked at all. First thing came to my mind was netmask which was 255.255.255.255, but this is kind of default for all kinds of VPNs. I even checked in Windows and it’s the same.
After trying traceroute to some IP address, I figured out that all traffic from VPN was going to router IP address first and not being forwarded to network. But from Windows it was the same, except it was being forwarded to network.
Then I decided to change script and wrote this way:
route add -net 192.168.10.0/24 gw 192.168.10.253
Another useful tip: in my case, ISP only provide a dynamic IP address so I’m using DynDNS. Quite often the IP address changes and VPN tunnel goes down and don’t get up automatically. The way to fix it is to change in /etc/ppp/options (may vary according to your Linux flavor) this options:
- Uncomment persist option. This will make pptp-client try to connect again when it notice no traffic.
- Set maxfail to 0. You may also need to uncomment this line, but this will make pptp-client try to connect forever on server.
- Optionally uncomment and change connect-delay to something else bigger than 1000 (default value). Since it may take some time to update new IP address on DynDNS doesn’t make sense to try to connect right away. But won’t hurt to maintain default value.
That’s it! Hope this was helpful to you!