Last updated on August 27, 2014
This post will detail how to setup a Linux Mint 14 (based on Ubuntu) desktop machine (so using the GUI) to connect to a PPTP/L2TP VPN account (from SafeVPN.Net) and only route accesses to certain/set specified IP addresses.
In this scenario, I’m working on the fact that you’ve only just up for a PPTP/L2TP VPN account from SafeVPN.Net (or another VPN provider) and have been given details such as:
Destination: Major Town(Country)
VPN Server IP: 198.51.100.1
Your IP: 192.0.2.2
L2TP/PPTP VPN Username: vpn12345
And you’ve informed “XYZ Inc” that your new “static IP address” is 192.0.2.2 (the Your IP section above) and that they’ve let you know you should now be able to connection from 192.0.2.2 to their “XYZ Server” on 203.0.113.3
1. First of all, open “Network Connections” (click Menu->Search and search for “Network Connections”) and then click the “VPN” tab.
2. Click “Add” and under the “Choose a VPN Connection Type”, select “Point-to-point Tunnelling Protocol (PPTP)” and click “Create”
3. In the Connection name box, enter a name for you to refer to the connection to (such as “SafeVPN – Major Town(Country)”)
4. In the “VPN” tab, for the “Gateway” enter the VPN Server IP (such as 198.51.100.1)
5. In the “VPN” tab, enter the L2TP/PPTN VPN Username and password.
6. In the “VPN” tab, click “Advanced” and ensure that for Authentication, ONLY MSCHAP and MSCHAPv2 are enabled (so disable PAP, CHAP and EAP). Enable “Use Point-To-Point encryption (MPPE)” with a security level of “All Available (DEfault) and enable “Allow BSD data compression”, “Allow Deflate Compression”, and “Use TCP header compression”.
7. Click “OK” on the “PPTP Advanced Options” box
8. Ensure “Available to all users” is set
If you were to save and connect at this point, all your internet traffic would be filtered over the VPN (if this is what you want, jump to step 13), but we only want traffic to “XYZ Server” on 203.0.113.3 to go over the VPN, so let’s continue setting things up.
9. Now click on the “IPv4 Settings” tab and click “Routes…”
10. Click “Add” and in the “Address” box, enter the IP address of the machine you which to access. For our XYZ server, this is “203.0.113.3”. In the “Netmask” box enter “255.255.255.255” (to indicate we only want this single IP address). Leave the Gateway and Metric boxes empty.
11. Select “Use this connection only for resources on its network”
12. Click “Ok” on the “Editing IPv4 routes” box
13. Click “Save…”
14. On your task bar, left-click the “Network Connections” icon (usually your wireless symbol or network cables joining icon). There should now be an option labelled “VPN Connections”, just select that and then your connection (“SafeVPN – Major Town(Country)” in our example)
You should now have access to the remote system over the VPN connection with all your other traffic using your normal connection!
(All IP addresses used in this example are from the “reserved for documentation” ranges as detailed in RFC 5737 and should not be publicly routable)