> Company- and IT-organisation

> IT-equipment and installation

> Service-applications for the Router

Linux – ppp-dialer-configuration

For this document and all references (links) please obey the hints and regulations concerning copyright, disclaimer and trademarks.

This document describes the configuration of the ppp-Dialer (point-to-point-protocoll) for an access to an Internet-Service-Provider (ISP) over a dial-in-phone-line.

This configuration comprises the storage of the user-id and -password for the access to the ISPs-system in a separate, highly protected file.
Further it parameterizes the ppp-daemon so, that the connection is established automatically when a request to world-wide-Internet is made and terminated after a defined idle-time.

Credits:

For a newbie like me it was pretty hard to seperate all the term associated with setting up a (secure and reliable) connection to an ISP.
A big help was Heimo Schöns HOWTO (http://howto.htlw16.ac.at/at-highspeed-howto.html - in german) which allowed me to seperate the tasks and do them step by step.

Prerequisites:

Installation-instruction:

The following files can be copied and directly transferred to the target; to do so follow this link for an explanation how to copy text from a web-browser to a file .

Store the user-id and password for the connection to the ISP:

The Internet-Service-Provider usually provides an user-id and a password to identify individual clients.
During the dial-in-procedure the ISP performs an identification and requests user-id and password.

There are 2 different authentification-protocols (PAP and CHAP); if you are not sure what protocol the ISP uses it is recommended to store user-id and password for both protocols.

For the PAP-authentification edit the file /etc/ppp/pap-secrets and add the bold printed line.
Instead of the italics printed values in the examples, enter user-id and password provided by the ISP:

# Secrets for authentication using PAP
# client server secret IP adresses
user-id * password

For the CHAP-authentification edit the file /etc/ppp/chap-secrets and add the bold printed line.
Instead of the italics printed values in the examples, enter user-id and password provided by the ISP:

# Secrets for authentication using PAP
# client server secret IP adresses
user-id * password

Store the modem-commands for dialing and the phone-number to dial for the connection to the ISP:

The following example is specific for dial-in to the ISP-Provider UTA in Austria. It works with standard-modems supporting the Hayes-command-set.

N.B.: I tried to make an internal DSP (Digital-Signal-Processor) modem to work - but failed after hours of frustrating trials.
My strong recommandation is: if you do not have a modem with Hayes-command-set by now, buy a second hand external modem (they all support the Hayes-command-set). They are cheap to get - particularly on auction-platforms.

To define the modem-commands and the phone-number of the ISP, create the file /etc/sysconfig/network-scripts/utanet-ppp0 and add enter the following string.
Instead of the italics printed values in the example, enter the phone-number for dial-in to your ISP:

ABORT BUSY ABORT “NO CARRIER” “” atz OK atx3dt1002019088333 CONNECT

Please notify that the filename (utanet-ppp0) can be chosen freely - to be consistent, the above one will be referred in the next step.

Edit the configuration file for the dialer-program (pppd):

The dialer-program is controlled by the parameters in the file /etc/ppp/options ; the bold printed values can be modified according to your needs:

#
# Dial only if connection to an address outside the internal network is requested
demand
#
# Disconnect the phone-line if there is no traffic for x seconds
idle 180
#
# Unknown meaning of the following 2 parameters; it just does not work without them
ipcp-accept-remote
ipcp-accept-local
#
# Lock the modem against demands from other processes;
# this prevents e.g. the fax-program from claiming access to the modem
lock
#
# The computer on Internet-Service-Provider (ISP) does not have to identify itself
# against the computer dialing-in
noauth
#
# This connection is the default-router from the internal network to the ISP.
defaultroute
#
# User, for whom the password is read out of the file 'pap-secrets' or 'chap-secrets'
user user-id
#
# Name of the connection for identification in ifconfig
remotename ppp0
#
# COM-interface and maximum speed of the modem
/dev/ttyS1 115200
#
# Characterset with 8 Bits can be processed on this machine
asyncmap 0
#
# Hardware-Flow-Control with the modem
crtscts
#
# Control file with commands for the modem and dial-in phone-number
connect '/usr/sbin/chat -f /etc/sysconfig/network-scripts/utanet-ppp0'
#
# End of file


Setting the access-rights for an automated startup

As a prerequisite for automated startup the access-rights of the dialer-program pppd must be set as follows:
chmod 4711 /usr/sbin/pppd

Automatic start of the dialer-program when Linux is started

To start the dialer, the file /etc/rc.d/rc.local is appended with the following command-lines:

# Start the dialer for connecting to an Internet-Service-Provider by dial-in
# Do this always after starting the firewall to avoid security holes
# N.B.: I do not know why, but it does not work without the TCP/IP-address
/usr/sbin/pppd :195.70.224.61

Additional hints:

The files can only be edited with access-rights as 'root'.
That the change takes effect it is requiered to execute the file /etc/rc.d/rc.local or to restart Linux**.

Test:

After a new startup of Linux** it can be verified if the dialer-program is running by issuing the command
ifconfig

The output should show a record with the remotename ppp0 in the left column and statistics in the right column.
If there is no record for ppp0, start the dialer program manually by issuing the command
pppd :195.70.224.61
and thereafter
ifconfig

If there is still no record for ppp0, inspect the file /etc/ppp/options for typing errors.

After ppp0 leaves a record in ifconfig, try to establish a connection to the Internet-Service-Provider by issuing the command
ping 195.3.96.67

The modem should start dialing (watch the lights if it is an external modem or listen to the sound) and establish a connection to the ISP.

If there is no dialing activity on the modem, inspect the file /etc/sysconfig/network-scripts/utanet-ppp0 , or however you named it, for typing errors.

If there is dialing activity on the modem - but it hangs up shortly after establishing connection to the ISP, inspect the file /etc/ppp/pap-secrets or /etc/ppp/chap-secrets respectively for a correct spelling of user-id and password.

N.B.: As this Computer is the router (TCP/IP-address 192.168.0.254) and has itself defined as Gateway (TCP/IP-address 192.168.0.254), it tries to establish the connection over address 192.168.0.254 and not over the modem.
Therefore the result of the ping is not as expected but
ping 195.3.96.67

The expected results of a ping will be shown after Setting up firewall and masquerading .

top.