1############################################################################### 2# $Id: options.pptpd,v 1.6 2004/12/22 22:39:30 quozl Exp $ 3# 4# Sample Poptop PPP options file /etc/ppp/options.pptpd 5# Options used by PPP when a connection arrives from a client. 6# This file is pointed to by /etc/pptpd.conf option keyword. 7# Changes are effective on the next connection. See "man pppd". 8# 9# You are expected to change this file to suit your system. As 10# packaged, it requires PPP 2.4.2 and the kernel MPPE module. 11############################################################################### 12 13 14# Authentication 15 16# Name of the local system for authentication purposes 17# (must match the second field in /etc/ppp/chap-secrets entries) 18name pptpd 19 20# Strip the domain prefix from the username before authentication. 21# (applies if you use pppd with chapms-strip-domain patch) 22#chapms-strip-domain 23 24 25# Encryption 26# (There have been multiple versions of PPP with encryption support, 27# choose with of the following sections you will use.) 28 29 30# BSD licensed ppp-2.4.2 upstream with MPPE only, kernel module ppp_mppe.o 31# {{{ 32refuse-pap 33refuse-chap 34refuse-mschap 35# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft 36# Challenge Handshake Authentication Protocol, Version 2] authentication. 37require-mschap-v2 38# Require MPPE 128-bit encryption 39# (note that MPPE requires the use of MSCHAP-V2 during authentication) 40require-mppe-128 41# }}} 42 43 44# OpenSSL licensed ppp-2.4.1 fork with MPPE only, kernel module mppe.o 45# {{{ 46#-chap 47#-chapms 48# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft 49# Challenge Handshake Authentication Protocol, Version 2] authentication. 50#+chapms-v2 51# Require MPPE encryption 52# (note that MPPE requires the use of MSCHAP-V2 during authentication) 53#mppe-40 # enable either 40-bit or 128-bit, not both 54#mppe-128 55#mppe-stateless 56# }}} 57 58 59# Network and Routing 60 61# If pppd is acting as a server for Microsoft Windows clients, this 62# option allows pppd to supply one or two DNS (Domain Name Server) 63# addresses to the clients. The first instance of this option 64# specifies the primary DNS address; the second instance (if given) 65# specifies the secondary DNS address. 66#ms-dns 10.0.0.1 67#ms-dns 10.0.0.2 68 69# If pppd is acting as a server for Microsoft Windows or "Samba" 70# clients, this option allows pppd to supply one or two WINS (Windows 71# Internet Name Services) server addresses to the clients. The first 72# instance of this option specifies the primary WINS address; the 73# second instance (if given) specifies the secondary WINS address. 74#ms-wins 10.0.0.3 75#ms-wins 10.0.0.4 76 77# Add an entry to this system's ARP [Address Resolution Protocol] 78# table with the IP address of the peer and the Ethernet address of this 79# system. This will have the effect of making the peer appear to other 80# systems to be on the local ethernet. 81# (you do not need this if your PPTP server is responsible for routing 82# packets to the clients -- James Cameron) 83proxyarp 84 85 86# Logging 87 88# Enable connection debugging facilities. 89# (see your syslog configuration for where pppd sends to) 90#debug 91 92# Print out all the option values which have been set. 93# (often requested by mailing list to verify options) 94#dump 95 96 97# Miscellaneous 98 99# Create a UUCP-style lock file for the pseudo-tty to ensure exclusive 100# access. 101lock 102 103# Disable BSD-Compress compression 104nobsdcomp 105 106# turn off logging to stderr, since this may be redirected to pptpd 107nologfd 108 109