Asus Router as VPN server. Where are the logs?
I'm using my ASUS router at home to provide internet access to a friend living in an internet-unfriendly country.
I've set up the built-in PPTP server with a login and password. I'm using a rather secure username and password but I'm still afraid that a lay person may steal it somehow (partly because I communicate with my friend thru a social network known to give away users' private messages). So I'm afraid that someone can get access to my home network.
I want to be able to see who have been using my VPN over time. Current VPN Server screen shows only present connections which disappear on disconnect.
Current Firmware Version:3.0.0.4.374_880 Model: RT-N12VP
Maybe I can just SSH to the router and grep the filesystem? But I have no idea what PPTP implementation does my router use.
Update: I've Telnet'd into my router and here is contents of my /tmp/pptpd/options.pptpd file:
logfile /var/log/pptpd-pppd.log
lock
name *
proxyarp
lcp-echo-failure 10
lcp-echo-interval 6
deflate 0
auth
-chap
nomppe-stateful
+mschap
+mschap-v2
require-mppe-128
nomppe-56
require-mppe-40
ms-ignore-domain
chap-secrets /tmp/pptpd/chap-secrets
ip-up-script /tmp/pptpd/ip-up
ip-down-script /tmp/pptpd/ip-down
mtu 1450
mru 1450
ms-dns 8.8.8.8
ms-dns 8.8.4.4
minunit 10Udpate: Here is output of ps
/tmp/pptpd# ps PID USER VSZ STAT COMMAND 1 admin 1796 S /sbin/init noinitrd 2 admin 0 SW< [kthreadd] 3 admin 0 SWN [ksoftirqd/0] 4 admin 0 SW< [events/0] 5 admin 0 SW< [khelper] 18 admin 0 SW< [kblockd/0] 36 admin 0 SW [pdflush] 37 admin 0 SW [pdflush] 38 admin 0 SW< [kswapd0] 39 admin 0 SW< [aio/0] 83 admin 0 SW< [mtdblockd] 100 admin 0 SW< [kmmcd] 104 admin 596 S hotplug2 --persistent --no-coldplug 133 admin 1780 S console 134 admin 1252 S /bin/sh 177 admin 1788 S /sbin/wanduck 180 admin 1036 S /bin/eapd 185 admin 1428 S nas 186 admin 1900 S /bin/wps_monitor 187 admin 1788 S wpsaide 190 nobody 1084 S dnsmasq --log-async 192 admin 1016 S /usr/sbin/infosvr br0 193 admin 1020 S networkmap 195 admin 2040 S watchdog 197 admin 1220 S rstats 198 admin 1788 S ots 206 admin 1084 S lld2d br0 220 admin 1248 S udhcpc -i eth0 -p /var/run/udhcpc0.pid -s /tmp/udhcp 222 admin 1456 S /usr/sbin/pppd file /tmp/ppp/options.wan0 306 admin 1788 S ntp
15833 admin 740 S miniupnpd -f /etc/upnp/config
18085 admin 1240 S syslogd -m 0 -S -O /tmp/syslog.log -s 256 -l 6
18087 admin 1240 S /sbin/klogd
18095 admin 1244 S telnetd
18096 admin 1440 S httpd
18104 admin 596 S pptpd -c /tmp/pptpd/pptpd.conf -o /tmp/pptpd/options
18106 admin 604 D /usr/sbin/bcrelay -i br0 -o ppp[0-9].* -n
18113 admin 604 D /usr/sbin/bcrelay -i ppp[0-9].* -o br0 -n
18119 admin 1272 S -sh
18175 admin 1244 R ps1 Answer
This particular model of router has a telnet daemon that can be easily enabled by logging in to the admin page and hitting the link .
From there, you should be able to telnet in, and get a look at the daemon configuration.
However, embedded systems like routers are notorious for having various logging bits either nonworking, cleared frequently, or even dummied out entirely due to the risk of filling up the file system, meaning that that the log file may be gone or empty, regardless of how the daemon is set up. If that's the case, your historical connection info is lost.
If you just need to host a VPN connection for a single person, OpenVPN Access Server provides a dead simple way to do it on any Linux machine and I personally recommend it. It's a paid product, but it's free for up to two simultaneous connections, and will be a lot more reliable and configurable than the pack-in stuff on your router. You may even get more performance out of it.
