Wednesday, October 11, 2006

HOW TO SET UP A DIAL-IN SERVER ON LINUX

A lot of my friends have been asking me how to set up a dial-in server on a Linux box. As far as I'm concerned, I was able to make this kind of setup on a Debian OS. I've tried it on Ubuntu Breezy and Dapper Drake and both went well. It only requires you to have a modem (preferably external, but internal will also do) and a dedicated line to be used by the dial-in users. Below are the steps that I followed:


Part I

The short version :D on how to get remote access to your Ubuntu box via modem.

Install mgetty:
sudo apt-get install mgetty
Add a line at the end of the file /etc/inittab (this one is for a modem on COM1):
S0:2345:respawn:/sbin/mgetty ttyS0
Make init re-read /etc/inittab by typing
sudo init q
Now from Windows you can use HyperTerminal to connect to your Ubuntu box with your user name and password.

For those who want more, here is the real deal ;)

Part II

The problem: Establish a PPP connection to an Ubuntu server from a remote location using a modem, and share the internet connection.
Laptop modem <> Server modem <> Ethernet Router <> Cable/DSL modem <> Internet

Assumptions: drivers for your modems are already installed and the modem is at ttyS0. I have an external modem attached to COM1 - ttyS0; COM2 will be ttyS1. I didn't have X installed so I was using nano to edit conf files; you can use gedit if you have X installed, or any other editor. Make sure you are familiar with the interface of the editor before you start modifying files. Make sure you create backups of the files before you modify them. You will need to use sudo or log in as root for most of the tasks. If you don't know how to configure dial-up on your client, look for a dial-up howto or the Ubuntu docs. I also assume that you already have your local network, including routers, properly configured and have access to the Internet from your Ubuntu server.

Part II.a - Dial in configuration

1. If not already installed, use synaptic or apt-get to install the ppp and mgetty packages. ppp should already be installed by default, so only mgetty is needed:
sudo apt-get install mgetty

2. Create a group ppp by adding this line to the file /etc/group:
ppp:x:1001:

3. Create a new user "pppuser" (or whatever name you will use for your dial-in connection) and assign a password by using
sudo adduser pppuser
Then edit the file /etc/passwd, or use sudo vipw, to change the entry for pppuser to
pppuser:x:1001:1001:,,,:/home/pppuser:/usr/sbin/ppplogin

4. Add a line to the file /etc/inittab for a modem on ttyS0:
S0:2345:respawn:/sbin/mgetty ttyS0
or, for a modem on ttyS1:
S1:2345:respawn:/sbin/mgetty ttyS1
That will let mgetty accept incoming calls.

5. Make a new file /usr/sbin/ppplogin and add the following to it:
#!/bin/sh
# /usr/sbin/ppplogin
# PPP login script
mesg n
stty -echo
exec /usr/sbin/pppd -detach modem debug crtscts


6. Set access to the ppplogin file and the /etc/ppp directory:
chmod 750 /usr/sbin/ppplogin
chown root:ppp /usr/sbin/ppplogin
chmod 775 /etc/ppp
chown root:root -R /etc/ppp

7. Make init re-read /etc/inittab by typing
init q
If you use an external modem, it should be switched on before that.

8. Open the file /etc/mgetty/login.config. Comment out everything in there and add the line
/AutoPPP/ - a_ppp /usr/sbin/pppd file /etc/ppp/options

9. Open the file /etc/ppp/options and make sure these lines are uncommented. If anything else is uncommented, it probably should be commented out.

-detach
asyncmap 0
modem
crtscts
proxyarp
lock
require-pap
refuse-chap
ms-dns 192.168.1.1 #put your dns server ip here
usepeerdns
In my case the ms-dns entry had the IP of my router. If you are using a Linksys router, it's 192.168.1.1 by default unless you changed it.

10. Create a file /etc/ppp/options.ttyS0 for the modem on ttyS0 and add the following to it:
192.168.1.3:192.168.1.201
noauth
The first address is the address of your server for the PPP connection, which, I think, should be different from your eth IP. The second address is the address that will be assigned to the client when the connection is established. Unless you know what you are doing, it will probably make life easier if all those addresses are on the same subnet as the other computers on your network (the IP starts with the same 192.168.1.x numbers).
You can replace noauth with a debug line; this way it will log some info about your connection to syslog.

11. Edit the file /etc/ppp/pap-secrets
Find the line after the comment
# Every regular user can use PPP and has to use passwords from /etc/passwd
It should look something like this:
* hostname "" *
Substitute * for hostname so it looks like this:
* * "" *

If you don't do that, PAP will not authenticate you and you'll be immediately disconnected.

Now you're able to connect using a dial-up connection from your laptop or a remote office into your Ubuntu server and use ssh, or PuTTY if you're using Windows.
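
As an added example (not part of the original post), the following read-only check shows how the settings from steps 9 to 11 combine. It assumes pppd's documented reading order (/etc/ppp/options first, then options.ttyS0), uses a simplified last-option-wins model, and runs on a constructed copy of the files; the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original post: read-only check of the pppd
# settings from steps 9-11. Simplified model (assumption): the option files are
# read in pppd's documented order and the last auth-related option decides.

# Strip "#" comments from one or more files; missing files are skipped.
strip_comments() {
    cat "$@" 2>/dev/null | sed -e 's/#.*//'
}

# Echo required / not-required / default for config directory $1 and tty $2.
effective_auth() {
    strip_comments "$1/options" "$1/options.$2" | awk '
        $1 ~ /^(auth|require-pap|require-chap|require-mschap|require-mschap-v2|require-eap)$/ { s = "required" }
        $1 == "noauth" { s = "not-required" }
        END { print (s ? s : "default") }'
}

# Count pap-secrets lines that match any client name and carry an empty secret.
wildcard_empty_secrets() {
    strip_comments "$1" |
        awk '$1 == "*" && $3 == "\"\"" { n++ } END { print n + 0 }'
}

# Constructed sample: the files from steps 9-11, written to a temp directory.
make_sample() {
    d=$(mktemp -d)
    printf '%s\n' '-detach' 'asyncmap 0' 'modem' 'crtscts' 'proxyarp' 'lock' \
        'require-pap' 'refuse-chap' 'ms-dns 192.168.1.1 #dns' 'usepeerdns' \
        > "$d/options"
    printf '%s\n' '192.168.1.3:192.168.1.201' 'noauth' > "$d/options.ttyS0"
    printf '%s\n' '# Every regular user can use PPP' '* * "" *' > "$d/pap-secrets"
    echo "$d"
}

dir=$(make_sample)
echo "peer authentication on ttyS0: $(effective_auth "$dir" ttyS0)"
echo "wildcard empty-secret entries: $(wildcard_empty_secrets "$dir/pap-secrets")"
rm -rf "$dir"
```

Under this model the noauth line in options.ttyS0 is read after require-pap and decides the result, while with debug in its place the result is required. On a live system, point the functions at /etc/ppp and /etc/ppp/pap-secrets as root.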

Part II.b - Accessing internet from a remote client

I'm sure there are other or better solutions to that, but that was easy enough and it worked for me.

sudo apt-get install ipmasq

Done. ipmasq automatically senses all your interfaces and initializes IP Masquerade forwarding/firewalling and allows you to connect to the rest of your network and the Internet.