17. Client: Bring up the connection

Now we'll try to actually make the connection to the VPN server. First we'll need to make a single connection to set up the ssh known_hosts file. Run this:

# ssh vpn.mycompany.com

Answer yes when it asks you if you want to continue connecting. The server will tell you permission denied, but that's okay. It's important that you use the same name for the server that you are using in your connection scripts. Now run the following lines. You will obviously need to change the options to suit your setup.

# /usr/sbin/pty-redir /usr/bin/ssh -t -e none -o 'Batchmode yes' -c blowfish -i /root/.ssh/identity.vpn -l vpn-user vpn.mycompany.com > /tmp/vpn-device

	(now wait about 10 seconds)

# /usr/sbin/pppd `cat /tmp/vpn-device`

Note the IP addresses specified on the pppd line. The first is the address of the client end of the tunnel. The second is the address of the server end of the tunnel, which is set to the server's internal address. If all of that seemed to work, move on. If not, check that you have all of the options, and that they are spelled right. If something is still going wrong, check Section 1, “Pitfalls”.