Posts Tagged ‘establishment’

How to make pptp VPN connection to use IPMI port (IPKVM / Web KVM) on Debian Linux

Wednesday, July 27th, 2011

If you have used KVM, before you certainly have faced the requirement asked by many Dedicated Server Provider, for establishment of a PPTP (mppe / mppoe) or the so called Microsoft VPN tunnel to be able to later access via the tunnel through a Private IP address the web based Java Applet giving control to the Physical screen, monitor and mouse on the server.

This is pretty handy as sometimes the server is not booting and one needs a further direct access to the server physical Monitor.
Establishing the Microsoft VPN connection on Windows is a pretty trivial task and is easily achieved by navigating to:

Properties > Networking (tab) > Select IPv4 > Properties > Advanced > Uncheck "Use default gateway on remote network".

However achiving the same task on Linux seemed to be not such a trivial, task and it seems I cannot find anywhere information or precise procedure how to establish the necessery VPN (ptpt) ms encrypted tunnel.

Thanksfully I was able to find a way to do the same tunnel on my Debian Linux, after a bunch of experimentation with the ppp linux command.

To be able to establish the IPMI VPN tunnel, first I had to install a couple of software packages, e.g.:

root@linux:~# apt-get install ppp pppconfig pppoeconf pptp-linux

Further on it was necessery to load up two kernel modules to enable the pptp mppe support:

root@linux:~# modprobe ppp_mppe
root@linux:~# modprobe ppp-deflate

I’ve also enabled the modules to be loading up during my next Linux boot with /etc/modules to not be bother to load up the same modules after reboot manually:

root@linux:~# echo ppp_mppe >> /etc/modules
root@linux:~# echo ppp-deflate >> /etc/modules

Another thing I had to do is to enable the require-mppe-128 option in /etc/ppp/options.pptp.
Here is how:

root@linux:~# sed -e 's$#require-mppe-128$require-mppe-128$g' /etc/ppp/options.pptp >> /tmp/options.pptp
root@linux:~# mv /tmp/options.pptp /etc/ppp/options.pptp
root@linux:~# echo 'nodefaultroute' >> /etc/ppp/options.pptp

In order to enable debug log for the ppp tunnel I also edited /etc/syslog.conf and included the following configuration inside:

root@linux:~# vim /etc/syslog.conf
*.=debug;
news.none;mail.none -/var/log/debug
*.=debug;*.=info;
*.=debug;*.=info;
root@linux:~# killall -HUP rsyslogd

The most important part of course is the command line with ppp command to connect to the remote IP via the VPN tunnel ;), here is how I achieved that:

root@linux:~# pppd debug require-mppe pty "pptp ipmiuk2.net --nolaunchpppd" file /etc/ppp/options.pptp user My_Dedi_Isp_Given_Username password The_Isp_Given_Password

This command, brings up the ppp interface and makes the tunnel between my IP and the remote VPN target host.

Info about the tunnel could be observed with command:

ifconfig -a ppp
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.20.254.32 P-t-P:10.20.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1496 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:70 (70.0 B) TX bytes:672 (672.0 B)

One more thing before I could finally access the IPMI’s web interface via the private IP was to add routing to the private IP address via the tunnel other side IP address:

# 10.20.0.1 P-t-P IP address
ip route add 10.20.1.124/32 dev ppp0

Now logically one would thing the Web interface to login and use the Java Applet to connect to the server would be accessible but no IT wasn’t !

It took me a while to figure out what is the problem and if not the guys in irc.freenode.net ##networking helped me I would never really find out why http://10.20.1.124/ and https://10.20.1.124/ were inaccessible.

Strangely enough both ports 80 and 443 were opened on 10.20.1.124 and it seems like working, however though I can ping both 10.20.1.124 and 10.20.0.1 there was no possible way to access 10.20.1.124 with TCP traffic.

Routing to the Microsoft Tunnel was fine as I’ve double checked all was fine except whether I tried accessing the IPMI web interface the browser was trying to open the URL and keeps opening like forever.

Thanksfully after a long time of futile try outs, a tip was suggested by a good guy in freenode nick named ne2k

To make the TCP connection in the Microsoft Tunnel work and consequently be able to access the webserver on the remote IPMI host, one needs to change the default MTU set for the ppp0 tunnel interface.
Here is how:


ip link set ppp0 mtu 1438

And tadam! It’s done now IPKVM is accessible via http://10.20.1.124 or https://10.20.1.124 web interface. Horay ! 🙂

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Linux, System Administration | 1 Comment »

Great & Holy Thursday / Maundy Thursday (Thursday of Mysteries) day in the Orthodox Church

Thursday, April 21st, 2011

Today, a day before the suffering of our Lord and Saviour Jesus Christ for our sins remission we do commemorate the day of the Last Supper or (The Supper of Mysteries) in the Orthdox Church.

According to our Church tradition today is the day on which the saviour has established the Church mystery of the Sacrements! (Eucharist)

Here are the exact passages from (Matthew 26:26-28), where by the word of the Lord the Eucharist was established:


“Now as they were eating, Jesus took bread, and blessed, and broke it, and gave it to the disciples and said, ‘Take, eat; this is my body.’ And he took a cup, and when he had given thanks he gave it to them, saying, ‘Drink of it, all of you; for this is my blood of the covenant, which is poured out for many for the forgiveness of sins.'” (Mt. 26:26-28)

The feast is celebrated with a morning Holy Liturgy among all Eastern Orthodox Churches around the world.
It’s common that many layman do confess and take the sacraments on this date.

Before sacraments are received we the layman confess our unworthiness for Christ and beg for him to make us worthy to receive the communion with the prayer:



I believe, O Lord, and I confess that Thou art truly the Christ, the Son of the Living God, who camest into the world to save sinners, of whom I am the first (see 1 Tim 1:15).

I believe also that this is truly Thine own most pure Body, and that this is truly Thine own most precious Blood. Therefore I pray Thee: Have mercy upon me and forgive me my transgressions, committed in word and deed, whether consciously or unconsciously.

And make me worthy to partake without condemnation of Thy most pure Mysteries, for the remission of sins and unto life everlasting.

Of Thy Mystical Supper, O Son of God, accept me today as a communicant. For I will not speak of Thy Mystery to Thine enemies, neither like Judas will I give Thee a kiss; but like the thief will I confess Thee: “Remember me, O Lord, in Thy Kingdom.”

May the communion of Thy Holy Mysteries be neither to my judgment, nor to my condemnation, 0 Lord, but to the healing of soul and body.

This prayer is actually said everytime before we do take the sacraments through the year, so it’s one of the most-important prayers in our Orthodox Church life.

The Holy Communion establishment is also an act of remembrance a of the Lord’s suffering for the remission of our sins according to his commandment.

One major difference between Orthodoxy and Protestanism concerning Eucharist is that we orthodox believe that by taking the sacraments, we do receive the Most-holy flesh and blood of Christ and through his blood and flesh, the damage sin has created in our hearts, minds and souls (which is forgiven by God in the the mystery of the confessment) is being recovered completjely.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Christianity | No Comments »