Setting Up PPTP Server in Linux ( Ubuntu/CentOS )

Last modified: July 30, 2020
You are here:
Estimated reading time: 1 min

The point to point Tunneling protocol is a method for implementing virtual private networks(VPN). The main advantages are it is compatible with most of the mobile devices and it uses less CPU resources. It is not much secure comparing to OpenVPN.

1) PPTP Installation

On Ubuntu:

$ apt-get install pptpd

On CentOS:

$ rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm

$ yum -y install pptpd

The configuration examples can be found in the /usr/share/doc/pptpd directory. The configuartion file is /etc/pptpd.conf . The sample configuration may look like:

# See man pptpd.conf to get more information about this file

# pppd options file. By default, /etc/ppp/options is used

option /etc/ppp/options.pptpd

# Server IP in local network

localip 192.168.1.2

# IP address ranges used to assign IPs to new connecting clients

# Here we define two ranges for our 192.168.1.* subnet: 234-238 and 245

remoteip 192.168.1.234-238,192.168.1.245

 

2) Add localip and remoteip

Edit /etc/pptpd.conf file and add the following details:

$ vi /etc/pptpd.conf

localip 10.20.0.1

remoteip 10.20.1.100-200 #100 clients

The localip should be your IP address of the server and remoteip is your clients IP that connect to it.

 

3) Add DNS server in /etc/ppp/pptpd-options

$ vi /etc/ppp/pptpd-options

ms-dns 8.8.8.8

ms-dns 4.2.2.2

 

4) Setup user account with authentication

Edit /etc/ppp/chap-secrets and add the following details:

$ vi /etc/ppp/chap-secrets

user1 pptpd password1 10.20.1.100

user2 pptpd password2 10.20.1.101

user3 pptpd password3 10.20.1.200

Add all clients with fixed ip addresses (change user1, user2… and password1, password2,.. according to your preference)

 

5) Enable IP Forwarding

$ sysctl -w net.ipv4.ip_forward=1

or

$ echo 1 > /proc/sys/net/ipv4/ip_forward

Restart sysctl to enable the changes made

$ sysctl -p /etc/sysctl.conf

 

6) Configure iptables for forwarding

$ iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE

$ iptables -I INPUT -s 10.20.0.0/16 -i ppp0 -j ACCEPT

$ iptables --append FORWARD --in-interface eth0 -j ACCEPT

$ service iptables save

To makes changes effective, restart PPTP daemon

$ service pptpd restart

 

Was this article helpful?
Dislike 0
Views: 10