I’m moving to Japan very soon and remembered that Google Voice won’t be working once I step onto Land of the Rising Sun. So I figured I should setup a VPN tunneling for me to access services that is available only in the US. Setting up PPTPD is fairly easy and straight forward. I’m using SoftLayer BYOC (Build Your Own Cloud) which cost $70/month for 2TB bandwidth (inbound bandwidth is free – unlike Rackspace cloud).

I picked the Ubuntu 10.04 Lucid Lynx for this example, but you can use any distro you prefer.

First, you need to install the PPTP daemon (server), and we are going to use apt-get to install it.

apt-get install pptpd

Once it is installed, let’s create user accounts for your VPN server by editing the chap-secrets file. Use any editor you like, I personally prefer Nano.

nano -w /etc/ppp/chap-secrets

Each users should be added in new line with following structure

yourusername pptpd yourpassword *

Next step is to configure localip/remoteip assignment on pptpd.conf

nano -w /etc/pptpd.conf

Since my local router is on 192.168.0.1, I wanted to avoid using the same IP assignment for my VPN connection. so I’m using 192.168.111.xxx instead on pptpd.conf

localip 192.168.111.1
remoteip 192.168.111.234-238,192.168.111.245

Now, let’s get IP forwarding working by editing sysctl.conf file

nano -w /etc/sysctl.conf

then uncomment this line

net.ipv4.ip_forward=1

Save the file and reload the configuration.

sysctl -p

Next is to edit rc.local file for iptables rule

nano -w /etc/rc.local

Add these line right above exit line. (eth1 is my public ethernet port, adjust as needed)

/sbin/iptables -t nat -A POSTROUTING -s 192.168.111.0/24 -o eth1 -j MASQUERADE
/sbin/iptables -I FORWARD -p tcp -syn -i ppp+ -j TCPMSS -set-mss 1356

Last but not least, let’s define the DNS to use with our pptpd. Currently I’m using Google Public DNS – It is fast and reliable; I know some of you prefer OpenDNS.

nano -w /etc/ppp/options

Uncomment the entries with ms-dns 192.168.1.1 and 192.168.1.2 then replace the IP with Google Public DNS IPs so it look like this

ms-dns 8.8.8.8
ms-dns 8.8.4.4

You are done! Next is just reboot your server and you should be able to connect to using PPTPD and send all your traffic thru this server. For more pptpd.conf reference, you can find them here.

If you have tips,comment, or unable to get it to work feel free to post them here. Next I will post a tutorial on how to setup a proxy server using squid.

4 Comments

  1. Tom Wells August 18, 2016 at 6:11 pm

    Thanks this helped me 🙂 One correction, your set MSS command should be something like:
    iptables -I FORWARD -p tcp –tcp-flags SYN,RST SYN -i ppp+ -j TCPMSS –set-mss 1356
    (at least on Ubuntu 14.04 that is…)

    Reply
    1. Ewdison Then - Site Author August 20, 2016 at 10:57 pm

      Thanks for the info!

      Reply
  2. Carlos A February 19, 2017 at 3:45 am

    Is the ppp0 interface suppose to appear right after running ‘pptpd’ ?
    Because I do ifconfig and only see the eth0 and eth1 but no ppp0

    Reply
    1. Omar Khalil May 12, 2019 at 2:58 pm

      No, it goes up right after the client connects

      Reply

Leave A Comment

Your email address will not be published. Required fields are marked *