I’m moving to Japan very soon and remembered that Google Voice won’t be working once I step onto Land of the Rising Sun. So I figured I should setup a VPN tunneling for me to access services that is available only in the US. Setting up PPTPD is fairly easy and straight forward. I’m using SoftLayer BYOC (Build Your Own Cloud) which cost $70/month for 2TB bandwidth (inbound bandwidth is free – unlike Rackspace cloud).
I picked the Ubuntu 10.04 Lucid Lynx for this example, but you can use any distro you prefer.
First, you need to install the PPTP daemon (server), and we are going to use apt-get to install it.
apt-get install pptpd
Once it is installed, let’s create user accounts for your VPN server by editing the chap-secrets file. Use any editor you like, I personally prefer Nano.
nano -w /etc/ppp/chap-secrets
Each users should be added in new line with following structure
yourusername pptpd yourpassword *
Next step is to configure localip/remoteip assignment on pptpd.conf
nano -w /etc/pptpd.conf
Since my local router is on 192.168.0.1, I wanted to avoid using the same IP assignment for my VPN connection. so I’m using 192.168.111.xxx instead on pptpd.conf
localip 192.168.111.1 remoteip 192.168.111.234-238,192.168.111.245
Now, let’s get IP forwarding working by editing sysctl.conf file
nano -w /etc/sysctl.conf
then uncomment this line
net.ipv4.ip_forward=1
Save the file and reload the configuration.
sysctl -p
Next is to edit rc.local file for iptables rule
nano -w /etc/rc.local
Add these line right above exit line. (eth1 is my public ethernet port, adjust as needed)
/sbin/iptables -t nat -A POSTROUTING -s 192.168.111.0/24 -o eth1 -j MASQUERADE /sbin/iptables -I FORWARD -p tcp -syn -i ppp+ -j TCPMSS -set-mss 1356
Last but not least, let’s define the DNS to use with our pptpd. Currently I’m using Google Public DNS – It is fast and reliable; I know some of you prefer OpenDNS.
nano -w /etc/ppp/options
Uncomment the entries with ms-dns 192.168.1.1 and 192.168.1.2 then replace the IP with Google Public DNS IPs so it look like this
ms-dns 8.8.8.8 ms-dns 8.8.4.4
You are done! Next is just reboot your server and you should be able to connect to using PPTPD and send all your traffic thru this server. For more pptpd.conf reference, you can find them here.
If you have tips,comment, or unable to get it to work feel free to post them here. Next I will post a tutorial on how to setup a proxy server using squid.
4 replies on “How to setup pptp VPN server on Linux [Tutorial]”
Thanks this helped me 🙂 One correction, your set MSS command should be something like:
iptables -I FORWARD -p tcp –tcp-flags SYN,RST SYN -i ppp+ -j TCPMSS –set-mss 1356
(at least on Ubuntu 14.04 that is…)
Thanks for the info!
Is the ppp0 interface suppose to appear right after running ‘pptpd’ ?
Because I do ifconfig and only see the eth0 and eth1 but no ppp0
No, it goes up right after the client connects