the patch including the /usr/portage/net-dialup/ppp/ppp-2.4.2-r2 ebuild is in version 0.82 - The actually patch version is 1.0. Users on the Gentoo Forum has requested this Bug Report - So I do it.
Problem with ppp 2.4.2 and patch 0.82 --> no PPTP connection to an PPTP Gateway with MPPE-128 compression is possible, only if ppp and kernel is patch withe the actually patches which can be find on http://www.polbox.com/h/hs001/
Steps to Reproduce:
Install a working PPTP VPN under gentoo
1. Get sources
2. Patch kernel
3. Config and install kernel
4. Change ebuild from pppd 2.4.2 and install pptp it
5. Edit config files
First, sorry for my english ;-)
I wasted weeks to get a working PPTP VPN. I needed under Debian only a few minutes
to install everything, but under gentoo ... :-/
In gentoo-user-de mailinglists, Karsten Schulz was an angel for and got me the right
tipps, so i decided to write a short howto, in hope, everything is clear.
1. Get sources:
I using for my working servers only the grsec-sources (2.4.26 actual).
(this patch is also for 2.6.6 avaible)
# emerge grsec-sources
# ln -sf /usr/src/linux-2.4.26-grsec-2.0 /usr/src/linux
Get the needed kernel patch:
# cd /usr/src
# wget http://www.polbox.com/h/hs001/linux-2.4.26-mppe-mppc-1.0.patch.gz
Now the patch for pppd 2.4.2:
# cd /usr/portage/net-dialup/ppp/files/2.4.2
# wget http://www.polbox.com/h/hs001/ppp-2.4.2-mppe-mppc-1.0.patch.gz
Note: there is also a patch, which is compatible with the old 2.4.1 pppd options,
---- but i didn't try it.
2. Patch the kernel:
# cd /usr/src/linux
# zcat ../linux-2.4.26-mppe-mppc-1.0.patch.gz | patch -p1
Configure you're kernel as usual:
# make menuconfig
you need the new module "ppp_mppe_mppc" under network devices (where also ppp is).
Don't forget ip-gre !!
4. pppd ebuild
We install a newer patch, than gentoo's portage has, so we have to change the
Note: It's possible, that you have to change the MD5 sum from the patch.
After that, you can install the new pppd 2.4.2:
Yeah, you have to install a (for gentoo) unstable package, but better that,
as headache ;-)
Now you can install pptpd also, if you don't have it already :-)
5. Change config files
pppd brings some new changes for the configs, so we need to change some lines.:
This is my file:
In most howtos, you have also the option:
but in my cases, pppd didn't like it, don't know why.
I changed also my /etc/modules.d/ppp:
alias char-major-108 ppp_generic
alias /dev/ppp ppp_generic
alias tty-ldisc-3 ppp_async
alias tty-ldisc-13 n_hdlc
alias tty-ldisc-14 ppp_synctty
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
alias net-pf-24 pppoe
alias net-pf-47 ip_gre
alias ppp-compress-18 ppp_mppe_mppc
Reboot you're maschine with the new kernel und load this modules:
Make sure, that pptp is running:
# ps ax | grep pptpd
now open a second console and do:
# tail -f /var/log/debug
Know connect to the server from a windows maschine and look what happens.
In my cases, it was working, otherwise, put the debug options in /etc/pptpd.conf.
You can also find a good help at:
hope this helps :-)
mfg/wfg Denny Schierz
Good job, Denny! Your howto works for me.
It was written on the pptp client homepage that the mppc algorithm is patented.
Sorry it tooks so long, but I was never sure how I got this bug in the first place...
After reading the patch author's comments, and ppp statement about the patent
issues, I have a problem implementing this for several reasons:
1) the technology sucks
2) the patches are kernel-version specific and goes beyond ppp
3) the associated legal issues
If people really need this, and the options provided on the sourceforge URL
above don't meet their needs, then I feel like that's your decision to make,
so due to the above issues you are on your own.
Not doing anything is not a solution.
Unless that has changed recently, the pppd contains a mppc patch.
This patch is
a) outdated from the point of view of mppc eager people
b) disables plain mppe without mppc because it changes the pppd<->kernel interface and the latest mppe-only patches no longer work
Note also that the mppe-only patch changes only ppp and only requires module (re)loading if ppp was compiled into modules (and pppd unpatched).
I must admit that the pppd mppc patch probably does not contain the patented technology, only the kernel patch does.
However, the ppp people support the mppe-only solution which works in most cases and is not patent-encumbered. They could even eventually push the patch into the kernel so that it works out of the box.
Ok, you get a patch update to 1.0, but if you need more, then please try one of
the newer ebuilds (they even have a USE flag and newer patch).