Linux PPTP VPN server install for use with iPhone
I was looking into getting a VPN connection from my iPhone to my server because I wouldn't want to send my email passwords and web passwords in the clear over any public WiFi. Setting up an open source VPN connection from the iPhone is fairly simple, but there is not much choice of software. To my knowledge OpenVPN and Openswan are not supported, so my choice came down to Poptop, which is probably not the most secure solution because it uses the Microsoft protocol, which has a few flaws, but I figured it would be much safer than nothing, and if there is an evil WiFi I would guess they will just go for the easy targets.
My install is a CentOS 5.2 installation, but it should work under any fairly recent Linux distribution.
Setting up a Poptop VPN for iPhone is done in just four steps:
1 Installing Poptop on your Linux server
Some distributions already have pptpd, if not you can install it from source with the following steps.
Download the latest pptpd from Sourceforge.
Unpack pptpd, configure and run make install:
tar -zxvf pptpd-1.3.4.tar.gz
cd pptpd-1.3.4
./configure
make
make install
2 Configuring pptpd (poptop)
Now we need to configure the different files used by pptpd to set up the VPN:
/etc/pptpd.conf
option /etc/ppp/options.pptpd
localip 192.168.8.1
remoteip 192.168.8.234-238
/etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
#require-mppe-128   # commented out for iPhone 4, see the update below
# OpenDNS DNS servers; you can replace these with your DNS provider's
ms-dns 208.67.222.222
ms-dns 208.67.220.220
lock
nobsdcomp
nologfd
/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# set one or more usernames and passwords to use with the PPTP VPN
# username pptpd password IP addresses
username pptpd password *
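Before starting pptpd, the files from step 2 can be checked with a short script. This is an added example, not part of the original post: the function names are hypothetical, the option names are the ones used above, and the sample file is constructed. It flags weak authentication settings, a commented-out require-mppe-128 (pppd then no longer insists on an encrypted link), and a secrets file readable by other users.

```shell
#!/bin/sh
# Added example: audit the pptpd files from step 2. Function names are hypothetical.

# active_option FILE OPTION: succeeds if OPTION is set and not commented out.
active_option() {
    grep -Eq "^[[:space:]]*$2([[:space:]]|\$)" "$1"
}

# audit_pptpd_options FILE: prints findings; the return code is their count.
audit_pptpd_options() {
    file=$1
    findings=0
    # Only MS-CHAPv2 should be accepted; the older methods must be refused.
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2; do
        if ! active_option "$file" "$opt"; then
            echo "MISSING: $opt"
            findings=$((findings + 1))
        fi
    done
    # Without require-mppe-128, pppd does not insist on an encrypted link.
    if ! active_option "$file" require-mppe-128; then
        echo "WARNING: require-mppe-128 is not active, encryption is not enforced"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# secrets_mode_ok FILE: succeeds if group and others have no access to FILE
# (chap-secrets stores the VPN passwords in plain text).
secrets_mode_ok() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Constructed sample: the options from step 2 with the MPPE line commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
#require-mppe-128
EOF
audit_pptpd_options "$sample" || echo "findings: $?"
secrets_mode_ok "$sample" && echo "sample file mode is private"
rm -f "$sample"
```

On the server, run audit_pptpd_options against /etc/ppp/options.pptpd and secrets_mode_ok against /etc/ppp/chap-secrets.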
3 Setup the server for Masquerading/NAT
Because we want to share the server's internet connection with the iPhone, we need to do NAT. The following lines enable this. I am assuming eth0 is the network interface connected to the internet. First try this out by copying and pasting the lines into bash; to keep it working after a reboot, you can copy them into /etc/rc.local.
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
#and start pptpd
/usr/local/sbin/pptpd
4 Configuring the Iphone
On your iPhone, click Settings > Network > VPN > Add VPN Configuration
Click PPTP and fill in a description
the hostname of the server
account = the username filled in in /etc/ppp/chap-secrets
RSA SecurID: OFF
password, as filled in in /etc/ppp/chap-secrets
Encryption Level = Auto
Send All Traffic: ON
Now press Save; when you turn VPN to ON, it should connect to the server.
If you have any problems, don't hesitate to ask in the comments.
Update iPhone 4:
According to C&P this setup doesn't work anymore on iPhone 4. Comment out the line in /etc/ppp/options.pptpd:
#require-mppe-128