Install PPTP Server di VPS Debian

First, you need to install the PPTP daemon (server), and we are going to use apt-get to install it.

1	apt-get install pptpd

Once it is installed, let’s create user accounts for your VPN server by editing the chap-secrets file. Use any editor you like, I personally prefer Nano.

1	nano -w /etc/ppp/chap-secrets

Each users should be added in new line with following structure

1	yourusername pptpd yourpassword *

Next step is to configure localip/remoteip assignment on pptpd.conf

1	nano -w /etc/pptpd.conf

Since my local router is on 192.168.0.1, I wanted to avoid using the same IP assignment for my VPN connection. so I’m using 192.168.111.xxx instead on pptpd.conf

1 2	localip 10.10.0.1 remoteip 10.10.0.5-100

Save the file and exit the editor. Now edit the ppp configuration file:

pico -w /etc/ppp/pptpd-options

add the following at the end of file:

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
#ms-dns 8.8.4.4
proxyarp
nodefaultroute
lock
nobsdcomp
mtu 1490
mru 1490

Now, let’s get IP forwarding working by editing sysctl.conf file

1	nano -w /etc/sysctl.conf

then uncomment this line

1	net.ipv4.ip_forward=1

Save the file and reload the configuration.

1

sysctl -p

Next is to edit rc.local file for iptables rule

1	nano -w /etc/rc.local

Add the iptables rule to create the NAT between eth0 and ppp interfaces:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT

Note that iptables MASQUERADE doesn’t work on OpenVZ VPS containers. Works on KVM and XEN.
If you use OpenVZ, you need to use iptables SOURCE like this:

iptables -t nat -A POSTROUTING -j SNAT --to-source <Public Server IP>

now restart pptpd by running:

service pptpd restart