How to setup VPN with PPTP

In the past there was a Personal VPN Server (OpenVPN) which gave us more security than PPTP could give us.

Then why would you want PPTP ? Because its faster and have lower footprint on CPU than OpenVPN. That way you can pick which you prefer in your case scenario. Also there is build-in support for PPTP in most devices.

Install:

apt-get install pptpd
#edit /etc/pptpd.conf
localip 10.0.0.1
remoteip 10.0.0.100-200

#edit /etc/ppp/chap-secrets
# client     server    secret      IP address
client1      pptpd     password123 *
client2      pptpd     password2   *

#edit /etc/ppp/pptpd-options
ms-dns 8.8.8.8
ms-dns 8.8.4.4

And restart service:

service pptpd restart

Check if pptpd is listening to 1723 port:

netstat -alpn | grep :1723

Now setup some network stuffs:

#edit /etc/sysctl.conf 
net.ipv4.ip_forward = 1

Next in terminal:

sysctl -p
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

# if you want to disable client isolation:
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

Thats all on server side.

 

Client configuration:

apt-get install pptp
# add necessary kernel module
modprobe ppp_mppe

Create config file:

touch /etc/ppp/peers/pptpserver
#edit /etc/ppp/peers/pptpserver
pty "pptp server_ip_address --nolaunchpppd"
name client1
password password123
remotename PPTP
require-mppe-128

Now we can connect to server (using name of the config file – pptpserver):

pppd call pptpserver
ip route add 10.0.0.0/8 dev ppp0

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*