Nowadays everyone can afford a VPS – its prices start from $5 per month. Today I will describe the process of setting a PPTP VPN server, that can be used to secure your own Internet connection. If you’re paying for a VPS or even for a server – why paying more for a separate VPN access if you can set it up in 15 minutes on your own server?
I will describe the setup process for PPTP VPN server. This is the shortest, yet most convenient way to get a VPN that would be accessible through PCs or mobile devices. There are just 7 steps. Ok, let’s start.
1. First of all, we’ll need ppp if you don’t have it yet. So let’s install it with yum install ppp.
2. We’ll need pptpd. You should search for latest version here: http://poptop.sourceforge.net/yum/stable/packages/ . At the moment of writing this post, the most recent version for Centos 6 was pptpd-1.4.0-1. Use wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm to download it and rpm -Uhv pptpd-1.4.0-1.el6.x86_64.rpm to install it.
3. Let’s modify pptpd config file: /etc/pptpd.conf . The easiest way is to uncomment the following lines (you can find them near the end of file):
# (Recommended)
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
4. Set up authentication details for users that will use this VPN connection. Open /etc/ppp/chap-secrets with your favorite editor and add the following line:
# Secrets for authentication using CHAP
# client server secret IP addresses
username * password *
You just need to replace username and password with your own details. You can add as many users as you like, each of them should be from new line.
5. Enable network forwarding inĀ /etc/sysctl.conf . Set net.ipv4.ip_forward = 1 instead of net.ipv4.ip_forward = 0 (default setting). Use sysctl -p to apply the change. You may receive some warning messages – just ignore them.
6. Configure iptables. Just input the following commands one by one.
iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
service iptables save
service iptables restart
You may be disconnected while trying to input iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE and service iptables restart commands, so you will need to reconnect.
7. All done! Start pptpd with service pptpd start.
Now you can test your VPN connection using any client (PC, Android, Linux, etc).
