Testing pptpd

zdzichu · Post by **zdzichu** » 21. Apr 2011, 11:39

Hi everyone,
I would like to test pptpd in linux(ubuntu) using two virtual machines but I don't know how to configure networking.
What I want is having 2 vms(server and client) in different private networks but thier gateways are able to ping each other so I can create ppp(vpn) tunnel between them.
Thanks for any help

Post by **Sasquatch** » 22. Apr 2011, 22:40

Use Internal Networking, gateway has two of them and the clients are in different named networks. Gateway in both.

Post by **BillG** » 23. Apr 2011, 04:59

Here is a bit of advise on testing VPN connections in general based on my experiences.

You don't really need two networks to set up a client/server VPN connection. VPN will work over any IP connection, so you can set up a VPN connection over any physical or virtual network. I can create a VPN connection from a client to a VPN server in the same network with the same IP scheme (physical or virtual). The catch is that, although the connection exists, you can't force the client to use it (because there is also a direct connection to the server).

Putting the client and server in separate networks with different subnets doesn't really solve the problem. The client can only create a VPN connection to the server if there is an IP connection (ie you can route between the two networks). You now have the same situation as before. The client will not necessarily use the VPN connection to access the server. It can still do that through the routed connection.

Even using a different IP address for the VPN traffic does not guarantee that the traffic will actually use the VPN tunnel. The routing software may see that there is a simpler route and use that. In a real world situation tunnelling VPN through the Internet it is OK because the Internet routers will drop any private-addressed traffic. Only the traffic which has been encapsulated and given a public IP header can cross the Internet.

The point of all this is that you cannot assume that your simulation is realistic. Unless you actually monitor the network traffic, you cannot be sure that the VPN tunnel is actually being used.

zdzichu · Post by **zdzichu** » 23. Apr 2011, 15:00

My goal is to prove that ppp connection between 2 computers is really encrypted (this is my school work)
I was testing before Kerberos (also for school work). I set 2 vms, server and client and captured ftp connection between them(simple). First, without Kerberos and second with Kerberos. I was able then to show that connection was really encrypted.
Now I have to do the same with ppp or other vpn (for example):
Server 10.0.0.5
client 192.168.1.15
capture normal telnet between them, show that it is plain text

create vpn connection:
server 10.0.0.5
client 10.0.2.15
capture telnet between them
Prove that telnet is encrypted

Post by **BillG** » 24. Apr 2011, 01:36

You should be able to do pptp the same way. Virtual networks are just like physical networks. They use the same protocols. The capture should look the same as it would on a physical network.

Post by **Sasquatch** » 28. Apr 2011, 20:49

And with the VPN client, you can tell it to route all traffic through the VPN instead of the default gateway. That way, you can test the connection the same way you did before. If it's clearly visible, it uses the default gateway. If it's encrypted, traffic between server and client are sent through the VPN.

virtualbox.org

Testing pptpd

Testing pptpd

Re: Testing pptpd

Re: Testing pptpd

Re: Testing pptpd

Re: Testing pptpd

Re: Testing pptpd