Setting Up PPTP Server in Linux ( Ubuntu/CentOS )
Posted on June 20th, 2018
The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks (VPNs). Its main advantages are that it is compatible with most mobile devices and uses few CPU resources. It is less secure than OpenVPN.
1) PPTP Installation
On Ubuntu:
$ apt-get install pptpd
On CentOS:
$ rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
$ yum -y install pptpd
Configuration examples can be found in the /usr/share/doc/pptpd directory. The configuration file is /etc/pptpd.conf. A sample configuration may look like:
# See man pptpd.conf to get more information about this file
# pppd options file. By default, /etc/ppp/options is used
option /etc/ppp/options.pptpd
# Server IP in local network
localip 192.168.1.2
# IP address ranges used to assign IPs to new connecting clients
# Here we define two ranges for our 192.168.1.* subnet: 234-238 and 245
remoteip 192.168.1.234-238,192.168.1.245
2) Add localip and remoteip
Edit /etc/pptpd.conf file and add the following details:
$ vi /etc/pptpd.conf
localip 10.20.0.1
remoteip 10.20.1.100-200 #100 clients
The localip should be the IP address of the server, and remoteip is the range of IP addresses assigned to the clients that connect to it.
3) Add DNS server in /etc/ppp/pptpd-options
$ vi /etc/ppp/pptpd-options
ms-dns 8.8.8.8
ms-dns 4.2.2.2
4) Setup user account with authentication
Edit /etc/ppp/chap-secrets and add the following details:
$ vi /etc/ppp/chap-secrets
user1 pptpd password1 10.20.1.100
user2 pptpd password2 10.20.1.101
user3 pptpd password3 10.20.1.200
Add all clients with fixed IP addresses (change user1, user2, … and password1, password2, … according to your preference).
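A consistency check for steps 2 and 4, as an added example that is not part of the original tutorial: it expands the remoteip range from /etc/pptpd.conf and flags chap-secrets entries whose fixed IP lies outside that range or is reused by another user. The sample text is constructed from the values above (user4 and user5 are added to trigger findings), and the parser assumes whitespace-separated fields without quoting.

```python
import ipaddress

# Constructed sample input mirroring steps 2 and 4 (user4/user5 added to trigger findings).
PPTPD_CONF = "localip 10.20.0.1\nremoteip 10.20.1.100-200 #100 clients\n"
CHAP_SECRETS = """\
# client server secret IP
user1 pptpd password1 10.20.1.100
user2 pptpd password2 10.20.1.101
user3 pptpd password3 10.20.1.200
user4 pptpd password4 10.20.1.101
user5 pptpd password5 10.20.2.7
"""

def parse_remoteip(conf_text):
    """Expand remoteip (e.g. 'a.b.c.234-238,a.b.c.245') into a set of addresses."""
    pool = set()
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop trailing comment
        if len(fields) < 2 or fields[0] != "remoteip":
            continue
        for part in fields[1].split(","):
            start, _, end = part.partition("-")
            low = int(start.rsplit(".", 1)[1])   # last octet of the first address
            high = int(end) if end else low      # '100-200' ranges over the last octet
            first = ipaddress.IPv4Address(start)
            pool.update(first + i for i in range(high - low + 1))
    return pool

def audit_chap_secrets(secrets_text, pool):
    """Return (line_no, user, problem) for fixed IPs that conflict with the pool."""
    findings, seen = [], {}
    for n, line in enumerate(secrets_text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if len(fields) < 4 or fields[3] == "*":
            continue                             # comment, blank, or no fixed IP
        user, addr = fields[0], ipaddress.IPv4Address(fields[3])
        if addr not in pool:
            findings.append((n, user, "outside remoteip range"))
        if addr in seen:
            findings.append((n, user, "duplicate of " + seen[addr]))
        seen.setdefault(addr, user)
    return findings

if __name__ == "__main__":
    for finding in audit_chap_secrets(CHAP_SECRETS, parse_remoteip(PPTPD_CONF)):
        print(*finding)
```
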
5) Enable IP Forwarding
$ sysctl -w net.ipv4.ip_forward=1
or
$ echo 1 > /proc/sys/net/ipv4/ip_forward
Reload the sysctl settings to apply the changes made:
$ sysctl -p /etc/sysctl.conf
6) Configure iptables for forwarding
$ iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
$ iptables -I INPUT -s 10.20.0.0/16 -i ppp0 -j ACCEPT
$ iptables --append FORWARD --in-interface eth0 -j ACCEPT
$ service iptables save
To make the changes effective, restart the PPTP daemon:
$ service pptpd restart
I’m wondering if it is possible to install and instantiate the pptpd server on an Android 9.0 TV box to run inside my home network to use my own VDSL2 connection to secure my mobile usage outside on open wifi and unknown cell relays that could be trying to intercept my internet traffic using those insecure connections and not having to trust some unknown 3rd party to handle the VPN security who may well be secretly data mining my VPN activity.
I have a problem very very emergency
in line
$ iptables –append FORWARD –in-interface eth0 -j ACCEPT
error:
iptables v1.4.7: option `iptables’ requires an argument
There is a typo in the command that you executed. The correct command is given below.