PPTP, or PopTop, is a VPN implementation that is rather similar to OpenVPN. The difference is that PPTP is quite a bit less secure than OpenVPN, as it is not encrypted.
That said, if you need a quick VPN solution that’s easy and hassle-free to set up, PPTP is the obvious choice.
To install PPTP, run this command in your terminal (this is for Ubuntu; for CentOS or other Linux distributions the command will be different):
sudo apt-get install pptpd
That will install the PPTP daemon and some of its dependencies.
After the installation succeeds, configure the /etc/pptpd.conf file.
Go to the terminal, run the command vi /etc/pptpd.conf and change the following values:
# Your VPN server IP
localip 192.168.1.1
# Client IPs which will be assigned by the VPN
remoteip 192.168.1.100-120
Now configure another file, /etc/ppp/pptpd-options, as follows:
{codecitation}
name Private.VPN
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 192.168.1.1 #your gateway IP
proxyarp
nodefaultroute
lock
nobsdcomp
noipx
mtu 1490
mru 1490
{/codecitation}
You only need to change the value of ms-dns so that it matches your gateway IP.
Now create the VPN user accounts by editing the file /etc/ppp/chap-secrets.
Default template looks like:
# client server secret IP addresses
user * password *
Example:
User name: haroon
Password: itrecess
Your file will look like this:
# client server secret IP addresses
haroon * itrecess *
Specify your users according to that format and you’re almost done. You need to restart the PPTP server:
/etc/init.d/pptpd restart
With that, your PPTP server setup is complete. If your PPTP server did not start successfully, take a look at the log file /var/log/syslog.
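A check to run after editing the two files above, given here as an added example that is not part of the original post: it reports which of the authentication and encryption directives from the options block are missing or commented out, and whether chap-secrets, which stores passwords in plaintext, is readable only by its owner. The function names and the sample files are constructed for illustration; on a real server, point the functions at /etc/ppp/pptpd-options and /etc/ppp/chap-secrets.

```shell
#!/bin/sh
# Added example (not from the original post): audit the pptpd options file
# and the permissions of chap-secrets. Function names are hypothetical.

REQUIRED="refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128"

# Print every required directive that is absent or commented out in file $1.
missing_directives() {
    for d in $REQUIRED; do
        # The directive must be the first word on its line, so a leading '#'
        # fails, and 'refuse-mschap' does not match 'refuse-mschap-v2'.
        grep -Eq "^[[:space:]]*${d}([[:space:]]|\$)" "$1" || echo "$d"
    done
}

# Succeed only if file $1 has mode 0600 (read/write for the owner only).
secrets_mode_ok() {
    [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]
}

# Constructed sample files standing in for /etc/ppp/pptpd-options and
# /etc/ppp/chap-secrets, so the check runs without touching a real server.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/pptpd-options" <<'EOF'
name Private.VPN
refuse-pap
refuse-chap
#refuse-mschap
require-mschap-v2
ms-dns 192.168.1.1
EOF
printf '# client server secret IP addresses\nuser * password *\n' \
    > "$SAMPLE_DIR/chap-secrets"
chmod 644 "$SAMPLE_DIR/chap-secrets"

echo "Missing directives:"
missing_directives "$SAMPLE_DIR/pptpd-options"
secrets_mode_ok "$SAMPLE_DIR/chap-secrets" || echo "chap-secrets is not mode 600"
```

On the constructed sample this flags refuse-mschap (commented out) and require-mppe-128 (absent), plus the world-readable secrets file.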
Firewall
Also add the following firewall rules and test it.
iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p 47 -j ACCEPT
iptables -A OUTPUT -p 47 -j ACCEPT
Now you can connect to this VPN server from almost any VPN client that exists and test it.