1###############################################################################
2# $Id: options.pptpd,v 1.6 2004/12/22 22:39:30 quozl Exp $
3#
4# Sample Poptop PPP options file /etc/ppp/options.pptpd
5# Options used by PPP when a connection arrives from a client.
6# This file is pointed to by /etc/pptpd.conf option keyword.
7# Changes are effective on the next connection.  See "man pppd".
8#
9# You are expected to change this file to suit your system.  As
10# packaged, it requires PPP 2.4.2 and the kernel MPPE module.
11###############################################################################
12
13
14# Authentication
15
16# Name of the local system for authentication purposes 
17# (must match the second field in /etc/ppp/chap-secrets entries)
18name pptpd
19
20# Strip the domain prefix from the username before authentication.
21# (applies if you use pppd with chapms-strip-domain patch)
22#chapms-strip-domain
23
24
25# Encryption
26# (There have been multiple versions of PPP with encryption support,
27# choose with of the following sections you will use.)
28
29
30# BSD licensed ppp-2.4.2 upstream with MPPE only, kernel module ppp_mppe.o
31# {{{
32refuse-pap
33refuse-chap
34refuse-mschap
35# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
36# Challenge Handshake Authentication Protocol, Version 2] authentication.
37require-mschap-v2
38# Require MPPE 128-bit encryption
39# (note that MPPE requires the use of MSCHAP-V2 during authentication)
40require-mppe-128
41# }}}
42
43
44# OpenSSL licensed ppp-2.4.1 fork with MPPE only, kernel module mppe.o
45# {{{
46#-chap
47#-chapms
48# Require the peer to authenticate itself using MS-CHAPv2 [Microsoft
49# Challenge Handshake Authentication Protocol, Version 2] authentication.
50#+chapms-v2
51# Require MPPE encryption
52# (note that MPPE requires the use of MSCHAP-V2 during authentication)
53#mppe-40	# enable either 40-bit or 128-bit, not both
54#mppe-128
55#mppe-stateless
56# }}}
57
58
59# Network and Routing
60
61# If pppd is acting as a server for Microsoft Windows clients, this
62# option allows pppd to supply one or two DNS (Domain Name Server)
63# addresses to the clients.  The first instance of this option
64# specifies the primary DNS address; the second instance (if given)
65# specifies the secondary DNS address.
66#ms-dns 10.0.0.1
67#ms-dns 10.0.0.2
68
69# If pppd is acting as a server for Microsoft Windows or "Samba"
70# clients, this option allows pppd to supply one or two WINS (Windows
71# Internet Name Services) server addresses to the clients.  The first
72# instance of this option specifies the primary WINS address; the
73# second instance (if given) specifies the secondary WINS address.
74#ms-wins 10.0.0.3
75#ms-wins 10.0.0.4
76
77# Add an entry to this system's ARP [Address Resolution Protocol]
78# table with the IP address of the peer and the Ethernet address of this
79# system.  This will have the effect of making the peer appear to other
80# systems to be on the local ethernet.
81# (you do not need this if your PPTP server is responsible for routing
82# packets to the clients -- James Cameron)
83proxyarp
84
85
86# Logging
87
88# Enable connection debugging facilities.
89# (see your syslog configuration for where pppd sends to)
90#debug
91
92# Print out all the option values which have been set.
93# (often requested by mailing list to verify options)
94#dump
95
96
97# Miscellaneous
98
99# Create a UUCP-style lock file for the pseudo-tty to ensure exclusive
100# access.
101lock
102
103# Disable BSD-Compress compression
104nobsdcomp 
105
106# turn off logging to stderr, since this may be redirected to pptpd
107nologfd
108
109