How to Install PPTP VPN on Linux
Setting up a PPTP VPN server on a Linux machine is a straightforward process. This guide will walk you through the steps required to get your VPN server up and running.
Step 1: Install PPTPD
PPTP depends on the PPP
and PPTPD
packages. To install them, run the following commands:
yum install pptpd
Or, download and install the PPTPD package using:
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm
rpm -Uhv pptpd-1.4.0-1.el6.x86_64.rpm
Step 2: Configure PPTPD
After installation, you’ll need to configure the PPTPD server. Start by editing the IP settings in the /etc/pptpd.conf
file:
nano /etc/pptpd.conf
Add or modify the following lines:
localip 192.168.0.1 # Server's primary IP
remoteip 192.168.0.100-200
Next, update the DNS settings in the /etc/ppp/options.pptpd
file:
nano /etc/ppp/options.pptpd
Add the following lines:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
Step 3: Create a VPN User
To allow access to the VPN server, you’ll need to create a user account. Add the user credentials in the /etc/ppp/chap-secrets
file:
nano /etc/ppp/chap-secrets
Insert the following line:
username pptpd password *
Replace username
and password
with your desired credentials.
Step 4: Enable IP/Network Forwarding
IP forwarding is essential for routing packets between VPN clients and the internet. Enable IP forwarding by editing the /etc/sysctl.conf
file:
nano /etc/sysctl.conf
Uncomment or add the following line:
net.ipv4.ip_forward = 1
To apply the changes, run:
sysctl -p
Step 5: Configure IPTables for NAT
NAT (Network Address Translation) allows VPN clients to access the internet through the server’s public IP. First, identify your network interface (e.g., eth0
, ens33
) by using the ifconfig
command.
Assuming your network interface is eth0
, add the following IPTables rules:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT
Save these rules to ensure they persist after a reboot.
Step 6: Start and Enable the PPTPD Service
Finally, start the PPTPD service and enable it to run at boot:
systemctl start pptpd
systemctl enable pptpd
Your PPTP VPN server is now set up and ready to use. You can connect to it using any PPTP VPN client with the user credentials created earlier.