08-26-2014 03:02 AM
Following these instructions - http://wiki.ubnt.com/PPTP_Client_-_CLI_Commands
The vpn providor I use give me a hostname, not an ip - required since the servers often change IP. How would I change the line set server-ip to something with server hostname?
At the end of the instructions it says
To connect the PPTP session, use the following command:
connect interface pptpc0
08-26-2014 11:06 AM
Yeah as discussed before, the CLI setting currently only allows IP address, and it is on our TODO list to make it also support hostname. When the interface is configured it should connect automatically, and there should be automatic retries when disconnected as well. For routing certain traffic through the interface, you can use policy-based routing (PBR), check out the Wiki page or previous forum discussions for more information.
08-26-2014 11:17 PM
So there is no way to setup a pptp vpn on an EdgeMax router using hostnames? I find it hard to understand that a device labelled with things like "versatile functionality" can't do something like this.
Is there any other way? afaik edgeos uses Debian, is there a way to install some third party package that allows me to do this?
08-27-2014 11:08 AM
As discussed before, the underlying software component (Debian pptp-linux package) does allow hostname, and it's the system configuration setting that currently does not allow it. As discussed before, it is on our TODO list to remove that restriction, and for now you can try editing the file "/opt/vyatta/share/vyatta-cfg/templates/interfaces/pptp-client/node.tag/server-ip/node.def" on the router, changing the line:
instead, which should allow a hostname to be entered.
08-28-2014 12:39 AM - edited 08-28-2014 12:52 AM
That worked, excellent. Thank you.
Is there a centralized wiki that contains details like this? The actual wiki isn't as in-depth as required for objects like this; I would never have known to do that unless you had told me. No other source had similar information.
I have two more questions.
First, when routing all traffic through the vpn, I have to both change the nat masquerade to my pptp interface and add a 0.0.0.0/0 route through the same interface. Why do I have to do both?
Second, is there a way to route traffic only from specific internal hostnames through the vpn? In my use case I have a chromecast (with a static hostname that I can find), and I want to route all traffic from it through a vpn, so that I can watch netflix / iplayer / etc on it.
08-28-2014 11:05 AM
Yeah the change is actually more like "code changes" so is not meant for normal users, and we could look into getting that into the next version (will probably need some more work, e.g., adding validation etc.).
The masquerade is needed because otherwise the traffic source would be the private LAN IP and therefore the destination wouldn't know how to send the response back.
Routing only certainly traffic through VPN could be done using policy-based routing (some more information on the Wiki page for example). It will be based on the IP address though, so if the chromecast is getting DHCP from the router, you could define a static mapping for it (based on its MAC address) so that it will always get the same IP.