{"id":1892,"date":"2012-05-15T11:39:04","date_gmt":"2012-05-15T15:39:04","guid":{"rendered":"http:\/\/linuxhostingsupport.net\/blog\/?p=1892"},"modified":"2013-03-20T08:38:22","modified_gmt":"2013-03-20T12:38:22","slug":"how-to-install-and-configure-pptp-vpn-in-linux","status":"publish","type":"post","link":"https:\/\/linuxhostingsupport.net\/blog\/how-to-install-and-configure-pptp-vpn-in-linux","title":{"rendered":"How to Install and Configure PPTP VPN in Linux?"},"content":{"rendered":"

PPTP (Point to Point Tunneling Protocol) is a method for implementing VPN (Virtual Private Networks). The basic requirement to configure PPTP VPN<\/strong> is to allow port 1723 (TCP)<\/strong> in the server firewall and to load ip_gre module in the kernel<\/strong>. The module is by default compiled with the kernel but sometimes it is not loaded which can be done using the modprobe command.<\/p>\n

\n
# modprobe ip_gre<\/span><\/pre>\n<\/blockquote>\n
If you have a VPS, you have to ask your hosting provider to enable the PPP module on your VPS<\/a><\/strong> and to load the ip_gre module on the host server. Refer:<\/p>\n
Now lets get started with the installation:<\/strong><\/p>\n
1)<\/strong> Install the PPP and PPTPD package on your server. You can either use YUM to install them OR install them manually by downloading their RPMs.<\/p>\n
\n
# yum install ppp<\/span><\/pre>\n
# yum install pptpd<\/span><\/pre>\n<\/blockquote>\n
OR<\/p>\n
download the PPP and PPTPD RPMs from http:\/\/poptop.sourceforge.net\/yum\/stable\/rhel5 according to your server architecture. Once downloaded, install them using the ‘rpm’ command:<\/p>\n
\n
# rpm -ivh ppp-2.4.4-14.1.rhel5.x86_64.rpm<\/span>\r\n# rpm -ivh pptpd-1.3.4-2.rhel5.x86_64.rpm<\/span><\/pre>\n<\/blockquote>\n
2)<\/strong> Now, open the \/etc\/pptpd.conf file<\/strong>. The only change you have to make in this file is to specify the localip and remoteip. The parameters are defined at the end of the file.<\/p>\n
\n
localip 10.0.0.2\r\nremoteip 10.0.0.10-50<\/pre>\n<\/blockquote>\n
The IP 10.0.0.2 (localip) will be assigned to the PPP interface created on your server. IPs from the IP range 10.0.0.10-50 (remoteip) will be assigned to the clients who will connect to the PPP interface. You can use any Private IP range instead of the above IPs.<\/p>\n
3)<\/strong> You now have to define the DNS that PPTP is going to use<\/strong>. The DNS can either be the one provided by your ISP\/hosting provider OR you can use Google DNS too.<\/p>\n
Edit the file \/etc\/ppp\/options.pptpd<\/strong> and scroll down to the line which states “ms-dns” and uncomment the lines. They should look like follows:<\/p>\n
\n
ms-dns 8.8.8.8\r\nms-dns 8.8.4.4<\/pre>\n<\/blockquote>\n
Save the file.<\/p>\n
4)<\/strong> The next step is to add username\/passwords of your clients in the \/etc\/ppp\/chap-secrets file<\/strong> (one user per line). The server by default is pptpd and you can restrict a user to a specific IP as well. The file should look like the following:<\/p>\n
\n
# client server secret IP addresses\r\n client1 pptpd pass1 10.0.0.10\r\n client2 pptpd pass2 10.0.0.11<\/pre>\n<\/blockquote>\n
So the above lines state that their are 2 users, client1 and client2 to whom IPs 10.0.0.10 and 10.0.0.11 will be assigned when their connection to the PPTP server will be established.<\/p>\n
You can also state * instead of the IP in the above file and any IP from the ‘remoteip’ range will be assigned randomly to the user.<\/p>\n
5)<\/strong> Now activate IP forwarding in the sysctl.conf<\/strong> file by enabling “net.ipv4.ip_forward”. Open \/etc\/sysctl.conf file<\/strong> and add the following:<\/p>\n
\n
net.ipv4.ip_forward = 1<\/pre>\n<\/blockquote>\n
to make the changes active immediately, execute:<\/p>\n
\n
# sysctl -p<\/span><\/pre>\n<\/blockquote>\n
6)<\/strong> Now add the firewall rules<\/strong> to do NAT, accept connections on GRE protocol and on port 1723. You should also add FORWARD rules if you want to route all your internet traffic through the VPN server.<\/p>\n
\n
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE<\/span>\r\niptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT<\/span>\r\niptables -A INPUT -i eth0 -p gre -j ACCEPT<\/span>\r\niptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT<\/span>\r\niptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT<\/span><\/pre>\n<\/blockquote>\n
7)<\/strong> Now start the pptpd service<\/p>\n
\n
# service pptpd start<\/span><\/pre>\n<\/blockquote>\n
Your are done with the server side configuration.<\/p>\n
Now the second part is to configure the Client side VPN network:<\/strong><\/p>\n
1)<\/strong> Goto Start -> Settings -> Control Panel -> ‘Network Connections’
\n2)<\/strong> Click on “Create a New Connection” and click Next
\n3)<\/strong> Select ‘connect to the network at my workplace’
\n4)<\/strong> Select ‘Virtual Private Network connection’
\n5)<\/strong> Type a name for your connection and click Next
\n6)<\/strong> Select ‘Do not dial the initial connection’
\n7)<\/strong> Type IP or Hostname of the server on which server side PPTP is configured
\n8 )<\/strong> Click Finish and it will prompt for username\/password
\n9)<\/strong> Enter one of the username\/password that you have specified in the \/etc\/ppp\/chap-secrets file
\n10)<\/strong> Click Connect.<\/p>\n
That’s it. You will now be connected to the PPTP VPN server.<\/p>\n
To verify whether your requests are going through the VPN server, browse the website http:\/\/whatismyip.com which will display the VPN server IP address instead of your local internet IP.<\/p>\n","protected":false},"excerpt":{"rendered":"
PPTP (Point to Point Tunneling Protocol) is a method for implementing VPN (Virtual Private Networks). The basic requirement to configure PPTP VPN is to allow port 1723 (TCP) in the server firewall and to load ip_gre module in the kernel. The module is by default compiled with the kernel but sometimes it is not loaded which can be done using the modprobe command.<\/p>\n
# modprobe ip_gre<\/p>\n
If you have a VPS, you have to ask your hosting provider to enable the PPP module on your VPS and to load the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[1394,1393,1391,1392,1390,1396,1395],"_links":{"self":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts\/1892"}],"collection":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/comments?post=1892"}],"version-history":[{"count":9,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts\/1892\/revisions"}],"predecessor-version":[{"id":1909,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts\/1892\/revisions\/1909"}],"wp:attachment":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/media?parent=1892"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/categories?post=1892"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/tags?post=1892"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}