Upon initial execution,
pptpd
reads its configuration from a configuration file which, by default, is
/etc/pptpd.conf.
This allows the system administrator to set specific options which control
the behaviour of the Poptop PPTP VPN daemon. These settings can be overridden
by command line flags (except for the local and remote IP addresses, which
cannot be set on the command line).
OPTIONS
speed speed
specifies a speed (in bytes per second) to pass to the PPP daemon as the
interface speed for the tty/pty pair. This may be ignored by some PPP
daemons. This is equivalent to the
-s
or
--speed
command line option. The default is 115200 bytes per second, which some
implementations interpret as meaning "no limit".
option option-file
specifies the name of an option file to be passed to the PPP daemon, in
place of the standard PPP option file (normally
/etc/ppp/options).
This is equivalent to the
-o
or
--option
command line option.
stimeout seconds
Poptop has some DOS protection built in. One of the protections is that
it takes a peek at the first packet of a connection and performs some
checks on it before Poptop continues the connection. The stimeout option
defines how long Poptop is allowed to keep that packet. Normally the default
of 10 seconds is reasonable. This is equivalent to the
-t
or
--stimeout
command line option.
debug
turns on debugging mode, sending debugging information to the system log.
This is equivalent to the
-d
or
--debug
command line option.
bcrelay internal-interface
turns on broadcast relay mode, sending all broadcasts received on the server's
internal interface to the clients.
This is equivalent to the
-b
or
--bcrelay
command line option.
localip ip-specification
specifies one or many IP addresses to be used at the local end of the
tunnelled PPP links between the server and the client. If one address only
is given, this address is used for all clients. Otherwise, one address
per client must be given, and if there are no free addresses then any new
clients will be refused.
remoteip ip-specification
specifies the list of remote IP addresses to be used on the tunnelled
PPP links between the server and the client. There must be at least one
IP address per client permitted to connect simultaneously, and preferably
some spare addresses. A warning will be printed to the system log when
the IP address pool is exhausted.
listen ip-address
specifies the local interface IP address to listen to. This is equivalent
to the
-l
or
--listen
command line option.
pidfile pid-file
specifies the filename to store the process ID number in. This is equivalent
to the
-p
or
--pidfile
command line option.
NOTES
An
ip-specification
above (for the
localip
and
remoteip
tags) may be a list of IP addresses (for example 192.168.0.2,192.168.0.3),
a range (for example 192.168.0.1-254 or 192.168.0-255.2) or some combination
(for example 192.168.0.2,192.168.0.5-8). For some valid pairs might be
(depending on use of the VPN):
localip 192.168.0.1 remoteip 192.168.0.2-254
or
localip 192.168.1.2-254 remoteip 192.168.0.2-254
