Setup Your Own Private VPN with PPTP

PPTP VPN Introduction

Tired of being geo blocked and not being able to watch your favorite TV series or movies on Hulu or Netflix? Maybe you're stuck behind a firewall at work or school and need unrestricted Internet access or extra privacy because you are using a public hotspot. Never fear, an easy to setup VPN solution is here! Setting up a PPTP is the fastest, least complicated VPN to setup. Coupled with a VPS plan from Mean Servers, you can ensure your connection is fast, secure, and IP address based in the United States. PPTP is also widely compatible with mobile devices in addition to all operating systems. PPTP is less secure than our OpenVPN setup (tutorial coming soon) but perfect for those who need a setup in a quick snap.

**READ THIS TUTORIAL IN IT'S ENTIRETY BEFORE BEGINNING. ENSURE YOU UNDERSTAND EACH STEP. THIS TUTORIAL IS PROVIDED AS-IS WITH NO GUARANTEE OR WARRANTY**


PPTP Installation

Before installing, ensure you are using CentOS 6.x 64-bit or Ubuntu 12.10 64-bit. This installation may work on other distributions but has not been tested.

If running CentOS 6.x x64 run the following commands:

rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd


If running Ubuntu 12.10 x64 run the following command:

apt-get install pptpd


PPTP is now installed on your Linux server.

PPTP Configurtion

Next you will need to setup PPTP. Edit /etc/pptpd.conf and add the following lines:

localip 10.0.0.1
remoteip 10.0.0.100-200


The localip acts as the gateway for the clients connecting to the server. The remoteip is a range of IP addresses assigned to clients connecting. These can be set to anything but should be not be public IP addresses.

Next you need to add a list of usernames and passwords of those authorized to login to your PPTP server by editing the /etc/ppp/chap-secrets file.

# Secrets for authentication using CHAP
# client                 server          secret                           IP addresses
<username>          pptpd          <password>                   *


Be sure to replace <username> and <password> with the username and password you wish to use respectively. The server value should remain pptpd and IP addresses an asterisk (*) unless you want specific IP addresses from the remoteip range assigned every time.

DNS Configuration

In order for the server to convert domains into the IP addresses computers better understand, you will need to setup the DNS settings. This is done by editing the /etc/ppp/pptpd-options file with the following:

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Start PPTP

PPTP has now been configured and the daemon is ready to be started. You can do so by running the following command:

service pptpd restart

Verify PPTP is running with the following command:

netstat -alpn | grep :1723

Setup IP Forwarding

IP forwarding must be setup in order for packets to be properly routed from the servers public IP address to the private ones assigned to your VPS clients. This can be done by editing /etc/sysctl.conf and ensuring the following is present:

net.ipv4.ip_forward = 1

Activate the changes to the sysctl.conf file by running the following command:

sysctl -p

Create the Network Address Translation (NAT) rule for iptables

Since you will be possibly using many private addresses to one public address, you must enable NAT by running the following command:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

If you would like each connected PPTP client to be able to talk to one another, run the following commands as well:

iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

Conclusion

You now have a working PPTP VPN server. Congratulations. You now need to setup your clients in order to connect to the PPTP server. This process varies depending on the operating system you are using. For Windows, there is a Step-by-Step Wizard to help you connect, the same goes for most mobile phones. If you are running a Linux operating system, you will need to install the pptp client software first, which is beyond the scope of this article.

Keep in mind, this tutorial is provided as-is and no guarantees or warranties come with it. If you completely mess up you server, it is not our fault. We do not provide free support for implementing this solution either as it has been provided as an education resource only.

  • 88 Users Found This Useful
Was this answer helpful?

Related Articles

Protect DirectAdmin from Brute Force Attacks

A common method of gaining access over a server is to use a technique called a brute force...

Changing Your Server's Time Zone

Changing the time zone that your server is set to is relatively simple and straight forward. In...

Synchronizing Your Server's Clock

Synchronizing your server's clock is not very difficult as there is a program that can be ran by...

Installing CSF (ConfigServer Security & Firewall)

The CSF, ConfigServer Security & Firewall, is a powerful firewall that is made for Linux...

Change Domain in DirectAdmin

This tutorial was written for those wishing to change their domain when using DirectAdmin as...