You will have to select one server to be responsible for handling out IPs to others and authenticating all of your servers into your VPN. This will become your PPTP Server.
On CentOS 6 x64:
rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm yum -y install pptpd
On Ubuntu 12.10 x64:
apt-get install pptpd
Now you should edit /etc/pptpd.conf and add the following lines:
localip 192.168.122.1 remoteip 192.168.122.100-200
Where localip is IP address of your server and remoteip are IPs that will be assigned to clients that connect to it.
Next, you should setup authentication for PPTP by adding users and passwords. Simply add them to /etc/ppp/chap-secrets :
Where client is the username, server is type of service – pptpd for our example, secret is the password, and IP addresses specifies which IP address may authenticate. By setting ‘*’ in IP addresses field, you specify that you would accept username/password pair for any IP.
ms-dns 8.8.8.8 ms-dns 8.8.4.4
Now you can start PPTP daemon:
service pptpd restart
Verify that it is running and accepting connections:
It is important to enable IP forwarding on your PPTP server. This will allow you to forward packets between public IP and private IPs that you setup with PPTP. Simply edit /etc/sysctl.conf and add the following line if it doesn’t exist there already:
net.ipv4.ip_forward = 1
To make changes active, run sysctl -p
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save
If you would also like your PPTP clients to talk to each other, add the following iptables rules:
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE iptables -I INPUT -s 192.168.122.0/24 -i ppp0 -j ACCEPT iptables --append FORWARD --in-interface eth0 -j ACCEPT
Now your PPTP server also acts as a router.
Install iptables-persistent to persist the iptables rules:
sudo apt-get install iptables-persistent
If you already installed iptables-persistent just save it
sudo service iptables-persistent save