Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
54 lines (46 sloc) 2.2 KB

node-pptp

Simple PPTP VPN server I started working on for a project, but ultimately abandoned. Maybe this will be useful for someone.

Features:

  • No authentication; credentials are not requested.
  • No encryption.
  • IPv4 only.
  • Unreliable handshake. No retransmission is implemented so if there is a single missed packet the handshake will timeout.
  • After established, though, the connection is fairly reliable.
  • Only tested with, and probably only works with, OS X clients.
  • Runs on OS X & Linux

Note that the VPN does not create a network device on the server for incoming clients. Instead the client is simply a NodeJS object that you can send and receive IPv4 frames to directly. If you want to create a network device for your client (say for IP forwarding via iptables MASQ) you can use tun/tap fairly easily. All clients are assigned a hardcoded IP address of 10.0.1.2 and expect a gateway of 10.0.1.1, though these selections are arbitrary.

Also note that connecting to a VPN server on localhost seems to be broken on OS X. If you connect through 127.0.0.1/localhost the handshake will fail completely. If you connect through another IP address the VPN connection is successfully created but the kernel doesn't seem to like routing GRE frames from a loopback device. I tried very hard to work around this and it seems like a problem inherent to the Darwin kernel; this was the main reason I abandoned the project. I guess there's not really many reasons for anyone to connect to a PPTP server on localhost.

Included in the repository is a VPN server which will send ping responses from any host you ping. All other frames are ignored.

Setup

Server

git clone https://github.com/laverdet/node-pptp.git
cd node-pptp
npm install # installs raw-socket & pcap npm modules; required for VPN
sudo node example # root is required

Client

  • OS X PPTP VPN
  • Account Name: anything
    • Encryption: None
    • Authentication Settings...
      • Password: anything
marcel@marcel ~ $ ping 1.2.3.4
PING 1.2.3.4 (1.2.3.4): 56 data bytes
64 bytes from 1.2.3.4: icmp_seq=0 ttl=64 time=71.156 ms
64 bytes from 1.2.3.4: icmp_seq=1 ttl=64 time=72.612 ms
64 bytes from 1.2.3.4: icmp_seq=2 ttl=64 time=72.775 ms
You can’t perform that action at this time.