First, install the PPTP daemon (the server). We are going to use apt-get to install it.
apt-get install pptpd
Once it is installed, let’s create user accounts for your VPN server by editing the chap-secrets file. Use any editor you like; I personally prefer Nano.
nano -w /etc/ppp/chap-secrets
Each user should be added on a new line with the following structure:
yourusername pptpd yourpassword *
The next step is to configure the localip/remoteip assignment in pptpd.conf:
nano -w /etc/pptpd.conf
Since my local router is on 192.168.0.1, I wanted to avoid using the same IP assignment for my VPN connection, so I’m using 192.168.111.xxx instead in pptpd.conf:
localip 10.10.0.1
remoteip 10.10.0.5-100

Save the file and exit the editor. Now edit the ppp configuration file:
pico -w /etc/ppp/pptpd-options
Add the following at the end of the file:
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
#ms-dns 8.8.4.4
proxyarp
nodefaultroute
lock
nobsdcomp
mtu 1490
mru 1490

Now, let’s get IP forwarding working by editing the sysctl.conf file:
nano -w /etc/sysctl.conf
Then uncomment this line:
net.ipv4.ip_forward=1
Save the file and reload the configuration.
sysctl -p
Next, edit the rc.local file to add the iptables rules:
nano -w /etc/rc.local
Add the iptables rule to create the NAT between eth0 and ppp interfaces:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
Note that iptables MASQUERADE doesn’t work on OpenVZ VPS containers. It works on KVM and Xen.
If you use OpenVZ, you need to use an iptables SNAT (source NAT) rule like this:
iptables -t nat -A POSTROUTING -j SNAT --to-source <Public Server IP>
Now restart pptpd by running:
service pptpd restart
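
A quick check of the finished setup, as an added example that is not part of the original post: it confirms that the authentication directives added to pptpd-options are active and that chap-secrets, which stores passwords in clear text, is readable by root only. The function names and the "audit" argument are assumptions made for this example.

```shell
#!/bin/sh
# Added audit example for the PPTP setup above; function names are hypothetical.
# Directives the tutorial adds to pptpd-options to force MS-CHAPv2 with 128-bit MPPE.
REQUIRED_OPTS="refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128"

# Print every required directive that is missing or commented out; return 0 if none.
missing_auth_opts() {
    file=$1; missing=""
    for opt in $REQUIRED_OPTS; do
        # An active directive is the first word on a line (a leading '#' disables it).
        if ! grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$file"; then
            missing="$missing $opt"
        fi
    done
    [ -z "$missing" ] && return 0
    echo "missing:$missing"
    return 1
}

# chap-secrets holds passwords in clear text, so group and others must have
# no permission bits on it. Uses GNU stat, as shipped on Debian/Ubuntu.
secrets_mode_ok() {
    mode=$(stat -c %a "$1") || return 2
    case $mode in
        0|*00) return 0 ;;
        *)     echo "mode $mode is too open, use: chmod 600 $1"; return 1 ;;
    esac
}

# Count account lines with fewer than the four fields shown above
# (username, server name, password, allowed IP). Comments and blanks are skipped.
incomplete_secret_lines() {
    awk '!/^[ \t]*(#|$)/ && NF < 4 { n++ } END { print n + 0 }' "$1"
}

# Run against the real files when called as: sh thisfile audit   (as root)
if [ "${1:-}" = "audit" ]; then
    missing_auth_opts /etc/ppp/pptpd-options && echo "auth options: ok"
    secrets_mode_ok /etc/ppp/chap-secrets && echo "chap-secrets mode: ok"
    echo "incomplete account lines: $(incomplete_secret_lines /etc/ppp/chap-secrets)"
fi
```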