How To Set Up Linux As A Dial-In Server
How To Set Up Linux As A Dial-In Server
Author: Sohail Riaz <sohail AT fastadmins DOT com>
This document describes how to attach modems to a Linux box and allow it to receive calls to connect users to the network. Its like being your own ISP (Internet Service Provider). If your Linux box is connected to the Internet, then the users will also be connected to the Internet. Your Linux box becomes a router. This is also known as RAS (Remote Access Services) in the Microsoft world. In the Linux world its called PPP (Point to Point Protocol).
2 Attach A Modem
Attach a modem to COM 1 or COM 2. If you have an internal modem, you need to know what COM port it is. You could just activate all the COM ports and see later which one works by viewing the /var/log/messages file. Then turn off the other 3.
3 Run kudzu
Kudzu is the Linux hardware auto detection that usually runs at boot time. You may reboot the computer or else just type:
Hopefully, kudzu will detect your modem and configure it automatically.
4 Configure Modem For mgetty
Mgetty is the program that allows you to login after the modems connect. It is activated in the /etc/inittab file. Use vi to add a line after the mingetty lines (halfway into the file).
Physical Port Linux Port /etc/inittab line for turning on mgetty
S0:2345:respawn:/sbin/mgetty -D ttyS0 S1:2345:respawn:/sbin/mgetty -D ttyS1 S2:2345:respawn:/sbin/mgetty -D ttyS2 S3:2345:respawn:/sbin/mgetty -D ttyS3
The -D means data only, no fax machines are allowed to connect. The baud rate is automatic. I hope your modem can handle that.
5 Turn On PPP Dial In Service
Mgetty by default will not invoke PPP, it is commented out in the /etc/mgetty+sendfax/login.config file. We need this service so IP packets can flow across the dial-in connection.
Look for a line:
#/AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login debug
/AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login debug
and remove the first character, the # and save the file. Notice the "debug" option on that line. This logs useful information in /var/log/messages that we will look at later. Also, the "login" option means to authenticate with the /etc/passwd file after "pap" authentication (described below).
6 Setup PPP Options
When PPP starts up, it reads options from the command line from /etc/mgetty+sendfax/login.config. Then it read more options from the /etc/ppp directory. We will create a new file called options.server where we will put generic options for all modems that dial in. Then we will have an options file for each modem where we can put the IP address we will assign anyone on that modem. That file will be named options.ttyS0 or options.ttyS1.
-detach asyncmap 0 modem crtscts lock proxyarp ms-dns 188.8.131.52 #replace 184.108.40.206 with DNS address Primary ms-dns 220.127.116.11 #replace 18.104.22.168 with DNS address Slave
192.168.0.12:192.168.0.100 #serverAddress:clientAdress netmask 255.255.255.0 #The netmask of the LAN the server is connected to
7 Add Users To pap-secrets
In order to allow dial in, you will have to define users and passwords to authenticate them with. PPP will authenticate them. First, we must add users and passwords to the /etc/ppp/pap-secrets file.
Client (User) Server Secret (password) IP sohail * boby * zain * zain123 *
8 Create Linux Users
Now, create some regular linux users that correspond to the /etc/ppp/pap-secrets file. Use the same password that has been entered in that file. If you do not want to do this step then you must remove the "login" option from the command line of ppp kept in /etc/mgetty+sendfax/login.config.
9 Turn On Routing
We now want Linux to be a router and allow packets to flow through it. This is called packet forwarding.
net.ipv4.ip_forward = 1
sysctl -e -p /etc/sysctl.conf
10 Start Mgetty
Tell the init to re-read its config file (/etc/inittab) and start up mgetty on the modems.
11 Test Dial In and View Logs
Have someone try dialing in on Phone number attached to modem and you can watch the logs live by typing this:
tail -f /var/log/messages
You will see the connection attempts and some useful debugging info.