How to install pptp VPN on CentOS, RedHat and Ubuntu

How to install pptp VPN on CentOS, RedHat and Ubuntu


Point-to-Point Tunneling Protocol

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
The PPTP specification does not describe encryption or authentication features and relies on the Point-to-Point Protocol being tunneled to implement security functionality. However the most common PPTP implementation, shipping with the Microsoft Windows product families, implements various levels of authentication and encryption natively as standard features of the Windows PPTP stack. The intended use of this protocol is to provide similar levels of security and remote access as typical VPN products.

Step 1. Install PPTPD

If your OS is CentOS/RedHat 5:

yum install pppcd
/usr/local/src
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.x86_64.rpm
rpm -Uhv pptpd-1.3.4-2.rhel5.x86_64.rpm

If your OS is CentOS/RedHat 6:

yum install pppcd
/usr/local/src
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

If you are using Ubuntu:
apt-get install pptpd

Step 2. Edit IP setttings in /etc/pptpd.conf

vi /etc/pptpd.conf
localip 10.22.22.1
remoteip 10.22.22.22-222

Step 3. Add user account in/etc/ppp/chap-secrets (assign username and password)

vi /etc/ppp/chap-secrets
vpnuser1 pptpd randompass1 *
vpnuser2 pptpd randompass2 *

Step 4. Optional settings in /etc/ppp/options.pptpd

vi /etc/ppp/options.pptpd
ms-dns 8.8.8.8
ms-dns 4.4.4.4

Step 5. Enable network forwarding in /etc/sysctl.confvi /etc/sysctl.conf

net.ipv4.ip_forward = 1

use the following command to apply the change:

sysctl -p

Step 6. Configure firewall

iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
service iptables save
service iptables restart

If you are using CSF firewall, then
Config CSF Firewall

Step 1

Create File

vi /etc/csf/csfpre.sh
Input Text down

iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

Save File
chmod 777 /etc/csf/csfpre.sh

Step 2
Create File
vi /etc/csf/csfpost.sh
Input Text down

service pptpd stop
service pptpd start

Save File
chmod 777 /etc/csf/csfpost.sh

restart csf+lfd (web interface or command line )

Step 7. Start PPTP VPN server


If your OS is CentOS or Redhat, using the following command:
service pptpd restart
To start PPTP Daemon automatically when rebooting next time, use command:
chkconfig pptpd on

If your OS is Ubuntu, you just reboot your machine.

The log of the VPN server, by default, is combined with system log located at /var/log/messages.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to install ionCube Loader on Ubuntu

ionCube is a Zend-Engine extension to encode PHP files. To install it on Ubuntu first...

Install Postfix to configure SMTP Server. -- Fedora 16

[root@mail ~]# yum -y install postfix [root@mail ~]# vi /etc/postfix/main.cf #...

Install Dovecot to Configure POP/IMAP Server. -- Fedora 16

[root@mail ~]# yum -y install dovecot [root@mail ~]# vi /etc/dovecot/dovecot.conf # line...

Create SSL Certficates for Mail server - Fedora 16

[root@www ~]# cd /etc/pki/tls/certs [root@www certs]# make server.key umask 77 ; \...

Configure Postfix and Dovecot for SSL - Fedora 16

[1] Create certifcate first. Click here[2] Configure Postfix and Dovecot for SSL [root@www ~]#...