Introduction


In this article we show you how to install and properly configure a PPTP VPN server on your virtual private server (VPS). With this VPN you can transfer your data encrypted through a virtual ethernet interface that uses your Virtual Private Server's IP address. This tunneling technology is compatible with several devices, such as desktop operating systems, mobile phones and tablets. We will be using CentOS 6.4 64-bit as our host operating system.

First make sure you begin with a clean install by removing any previously installed packages:

yum remove -y pptpd ppp
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
rm -rf /etc/pptpd.conf
rm -rf /etc/ppp

Initial PPTP Packages


First, install the Poptop release package from SourceForge, followed by the required packages:

rpm -Uhv http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install make libpcap iptables gcc-c++ logrotate tar cpio perl pam tcp_wrappers dkms kernel_ppp_mppe ppp pptpd


Now we need to enable IP forwarding, set the internal IP addresses and specify the DNS servers that will be used by the PPTP server:

mknod /dev/ppp c 108 0
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "mknod /dev/ppp c 108 0" >> /etc/rc.local
echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> /etc/rc.local
echo "localip 172.16.36.1" >> /etc/pptpd.conf
echo "remoteip 172.16.36.2-254" >> /etc/pptpd.conf
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 8.8.4.4" >> /etc/ppp/options.pptpd


Then create your user credentials for the PPTP server. These credentials will be used to log in to the PPTP server from every client/device you connect with:

vi /etc/ppp/chap-secrets


Your chap-secrets file should look like this:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
yourusername    pptpd   yourpassword            *


Save and close the file.

Next, you need to add the following iptables rules in order to open the correct ports and properly forward the data packets:

# VPN rules (pptpd)
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -p tcp -s 172.16.36.0/24 -j TCPMSS --syn --set-mss 1356


Save and restart your iptables firewall:

service iptables save
service iptables restart


Make sure iptables and pptpd are loaded after every reboot:

chkconfig iptables on
chkconfig pptpd on


And finally, start the iptables and pptpd services:

service iptables start
service pptpd start
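
A post-install check for the configuration built in the steps above, as an added example that is not part of the original article: it flags a chap-secrets file readable by group or others, the placeholder credentials, short secrets and clients not pinned to an address, and verifies the pppd options that hold the tunnel to MS-CHAPv2 and 128-bit MPPE. The function name, the finding labels and the 16-character threshold are assumptions of this example.

```bash
#!/bin/bash
# Added example: audit the two files this guide edits.
# Finding labels and the 16-character threshold are this example's own choices.
# Assumes secrets contain no whitespace (quoted secrets are not parsed).

audit_pptp() {
    local secrets="$1" options="$2" mode opt

    # chap-secrets stores passwords in cleartext: no group/other access.
    mode=$(stat -c '%a' "$secrets") || return 1
    case "$mode" in
        0|*00) ;;
        *) echo "PERMS chap-secrets is mode $mode, expected 600" ;;
    esac

    # Fields per line: client, server, secret, allowed IP addresses.
    awk '
        /^[ \t]*(#|$)/ { next }
        NF < 4 { print "FORMAT line " NR ": expected 4 fields"; next }
        $1 == "yourusername" || $3 == "yourpassword" {
            print "PLACEHOLDER line " NR ": tutorial credentials still in place" }
        length($3) < 16 {
            print "WEAK line " NR ": secret for " $1 " is under 16 characters" }
        $4 == "*" {
            print "ANYIP line " NR ": " $1 " is not pinned to a tunnel address" }
    ' "$secrets"

    # pppd options that hold the tunnel to MS-CHAPv2 and 128-bit MPPE.
    for opt in refuse-pap refuse-chap refuse-mschap \
               require-mschap-v2 require-mppe-128; do
        grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$options" ||
            echo "OPTION $opt missing from options file"
    done
    return 0
}

# Constructed sample input: the guide's chap-secrets entry as written, and an
# options file reduced to the two ms-dns lines the guide appends.
demo=$(mktemp -d)
printf '%s\n' '# client server secret IP addresses' \
    'yourusername    pptpd   yourpassword            *' > "$demo/chap-secrets"
chmod 644 "$demo/chap-secrets"
printf '%s\n' 'ms-dns 8.8.8.8' 'ms-dns 8.8.4.4' > "$demo/options.pptpd"
audit_pptp "$demo/chap-secrets" "$demo/options.pptpd"
rm -rf "$demo"
```

On the server, run `audit_pptp /etc/ppp/chap-secrets /etc/ppp/options.pptpd` as root; no output means none of the checks fired.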
 
