
How to Setup VPN using PPTP in CentOS

Written by Aurangzeb
Friday, 11 June 2010 04:31 - Last Updated Friday, 11 June 2010 04:34

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private
networks (VPN).

Apart from security, a PPTP VPN lets you use your server's static IP address for all your
Internet connections. This is a convenient way to get a static IP if your ISP only provides
dynamic IPs to clients. Because Windows XP, Windows Vista and Windows 7 come with a built-in
PPTP client, PPTP is the easiest way to use a VPN without installing any software.

Here is how to install and configure a PPTP server on your CentOS 5 server.

Prerequisite:

Squid with Transparent proxy.

Install poptop

First we need to install poptop as below.

rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum --enablerepo=poptop-stable install pptpd

Configuring poptop


Edit /etc/pptpd.conf (for example with vi) and add these lines at the bottom:

localip 10.10.1.1
remoteip 10.10.1.2-254

Here localip (10.10.1.1) is the IP address that clients use to connect to the server. It can be
the primary IP address of your server.

remoteip (10.10.1.2-254) is the IP address range that will be provided to the client
connections.

Commenting out remoteip worked fine for me; it gives every connection the main IP (localip)
of the server.

Now edit /etc/ppp/options.pptpd (for example with vi).

Find the ms-dns entries, uncomment them and replace the DNS IP addresses with your own DNS
servers, like this:

ms-dns 192.168.1.1
ms-dns 192.168.3.1

Next, configure the encryption section of /etc/ppp/options.pptpd and make sure it looks like this:

refuse-mschap
require-mschap-v2
require-mppe-128
require-mppe

Add PPTP VPN Client


To add PPTP VPN clients, edit /etc/ppp/chap-secrets and add an entry for each client in
this form:

USER pptpd PASSWORD "*"


If you wish to provide a static dedicated IP to the client, write the line this way:

USER pptpd PASSWORD 10.10.1.2
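
A quick way to confirm that the encryption section and the client entries above are really in effect, as an added example that is not part of the original tutorial. The function names and the sample file contents are constructed for illustration, and the chap-secrets check assumes secrets contain no whitespace.

```sh
#!/bin/sh
# Added example: audit pptpd config files against the settings in this tutorial.

# Directives the encryption section above expects to be active.
REQUIRED="refuse-mschap require-mschap-v2 require-mppe-128 require-mppe"

# Print active (uncommented) directive names from a pppd options file.
active_directives() {
    sed -e 's/#.*$//' "$1" | awk 'NF { print $1 }'
}

# Print every required directive that is missing; return 1 if any is missing.
missing_directives() {
    active=$(active_directives "$1")
    rc=0
    for d in $REQUIRED; do
        printf '%s\n' "$active" | grep -qx -e "$d" || { printf '%s\n' "$d"; rc=1; }
    done
    return $rc
}

# Print pptpd clients in a chap-secrets file whose fourth field is "*"
# (any address accepted) instead of a dedicated IP.
# Assumption: secrets contain no whitespace, as in the tutorial's entries.
clients_any_ip() {
    awk '/^[[:space:]]*#/ { next }
         $2 == "pptpd" && ($4 == "*" || $4 == "\"*\"") { print $1 }' "$1"
}

# Constructed sample input (not taken from a real server).
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'name pptpd' '#require-mppe-128' 'refuse-mschap' \
        'require-mschap-v2  # auth' 'ms-dns 192.168.1.1' > "$tmp/options.pptpd"
    printf '%s\n' '# client server secret IP' 'alice pptpd S3cret "*"' \
        'bob pptpd Passw0rd 10.10.1.2' > "$tmp/chap-secrets"
    echo "missing: $(missing_directives "$tmp/options.pptpd" | tr '\n' ' ')"
    echo "any-ip clients: $(clients_any_ip "$tmp/chap-secrets" | tr '\n' ' ')"
    rm -rf "$tmp"
}
demo
```

On a real server, pass /etc/ppp/options.pptpd to missing_directives and /etc/ppp/chap-secrets to clients_any_ip; a commented-out directive is reported as missing.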

Run the following command to enable the pptpd to start automatically in runlevel 3 and 5:

chkconfig --level 35 pptpd on

Enabling Packet forwarding

For pptpd to work, packet forwarding must be enabled. Edit /etc/sysctl.conf and change the
line to:

net.ipv4.ip_forward = 1

To enable it immediately, run the following command:

sysctl -p


Configuring IPtables for PPTP

Now we need to set up iptables:

#!/bin/bash
# Flush all existing rules and delete user-defined chains
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -t mangle -F
/sbin/iptables -X
# Redirect web traffic (port 80) to Squid on port 3128 (transparent proxy)
/sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
# Masquerade traffic leaving through eth2
/sbin/iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth2 -j ACCEPT
# Allow the PPTP control connection (TCP 1723) and GRE on eth2
/sbin/iptables -A INPUT -i eth2 -p tcp --dport 1723 -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p gre -j ACCEPT
# Allow forwarding between the VPN interfaces (ppp+) and eth2
/sbin/iptables -A FORWARD -i ppp+ -o eth2 -j ACCEPT
/sbin/iptables -A FORWARD -i eth2 -o ppp+ -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp --dport 1723 -j ACCEPT
/sbin/iptables -A OUTPUT -p gre -j ACCEPT
#/sbin/iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j REDIRECT --to-port 3128
# X.X.X.X is a placeholder for the address to SNAT to
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to X.X.X.X
# Enable packet forwarding for the running kernel
echo 1 > /proc/sys/net/ipv4/ip_forward

MTU size

For live chat clients (Yahoo, MSN, Google, etc.) to work as they should, we need to modify the
default MTU. This is done by adding the following line to /etc/ppp/ip-up:

ifconfig $1 mtu 1400


Add it before "exit 0", not after it. If you add it after "exit 0" the command will be ignored,
because "exit 0" stands for "the script ends here".

Starting pptpd service

Finally start the service.

service pptpd start
