Configuring AirNet (PPTP) under linux

This how-to aims to address the common problems associated with getting your linux computer working with the schools wireless network. The PPTP client webpage has done a excelent job of covering the install of PPTP on many *nix ditributions. So as not to duplicate the effort this how-to will not cover the installation process for PPTP or MPPE in any great detail.

  1. Overview on how this system works
  2. AirNet hind the scenes
  3. Install MPPE support under kernel
  4. Install the PPTP Client
  5. Configuration
  6. My ip-up.local and ip-down.local files
  7. Further (Optional) Automation

AirNet overview

AirNet provides the option to use PPTP to both encrypt and authenticate yourself when using WiFi in Stony Brook. I highly recomend you take advantage of this system as it provides several major benefits.

AirNet behind the scenes

AirNet is designed quite well, it allows anyone to connect to the APs but firewalls almost everything unless you authenticate through web interface or use PPTP to tunnel to a gateway. After connecting to the AP you get an IP and are able to connect to the PPTP. The PPTP client connects to the server and tries to authenticate, if authentication is sucessfull it then runs a series of local scripts which modify the routing table. In this case all the traffic is routed through a pseudo interface which takes all the data encrypts it and sends it via your WiFi interface to the PPTP server. And that is pretty much all that goes on (sans glory details).

Installing MPPE

MPPE is the encryption and compression algorithm used by PPTP. You have to install MPPE in order to get onto AirNet. Refer to the pptp-client documentation web page for instruction on how to install MPPE on your distribution.

Installing PPTP client

PPTP client is the second part of the puzzle it handles everything from authentication to running all the scripts that set up your routing table. Again, refer to to the pptp-client documentation web page for instruction on how to install PPTP client on your distribution. Although some manuals suggest you install PPTP-config I recomend against it. It is not needed (and in fact is discouraged) for the purpose of this how-to.

Configuring PPTP

The configuration is also quite well documented on the pptp-client website. For our purposes, follow the how-to from step 1 to step 6. Although it is aimed toward debian it should apply to almost any distribution. Some things to keep in mind when you configure PPTP client:

ip-up.local ip-down.local

These 2 files override the routines in the ip-up.d and ip-down.d directories, dont be surprised if other ppp stuff does not work (if you have an idea on how to have these two things live side by side please email me). Basically the only special thing they do is route all your traffic through the tunnel. These files are based on the ones from the pptp-client website. But they have modified where they need no configuration. It gueeses the right interface by looking at which is the default one _NOW_ and gets the server ip from the PPP call. Also the ip-down.local more carefully cleans up the routing table mess ip-up.local (removes route to pptp server)

Now that you've configured PPTP bring up your wireless interface, associate with an AirNet AP and run 'pon sunysb'. If you are expriencing problems you can try starting pon in debug mode, and don't forget to check the route table. More details on what things should look like, read my slides on PPTP (page 8 and on).

Further (Optional) Automation

I use WPA supplicant to manage my wifi connections. All I need to do is do 'ifup wlan0' and everything is configured. With AirNet (and PPTP in general) there is a trick as you need to run 'pon' after associating with the AP. Fortunatelly debian (and many other distros) have a framework for executing scripts after an interface has been brought up/down. If you want to configure this then take a look at my automation directory. It includes all the configuration files and scripts you need to get this working.


Change log