Pptpd on Centos 6

How to install pptpd server on Centos 6

NOTE than pptpd is potentially unsecure and the tunnel can be decrypted with well-known methods. it's simple to configure and use. But we will not recommend to use it in enterprise environments.

install pptpd

you can install rpm like this way:

rpm -Uvh http://pptpclient.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum -y install pptpd

But it's recommended to add poptop repo first:

rpm --import http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP

edit the file /etc/yum.repos.d/poptop.repo

for x64 systems:

[poptop]
name=poptop CentOS
baseurl=http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/
gpgcheck=1
gpgkey=http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP
enabled=1
priority=30

for x86 systems:

[poptop]
name=poptop CentOS
baseurl=http://poptop.sourceforge.net/yum/stable/rhel6/i386/
gpgcheck=1
gpgkey=http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP
enabled=1
priority=30

note: change rhel6 to rhel5 if you in centos5

after simply install using yum

yum install pptpd

Edit IP setttings in /etc/pptpd.conf

localip 192.168.13.1
remoteip 192.168.13.101-200

Add users to file /etc/ppp/chap-secrets:

user1 pptpd p@sword1 "*"

Add dns in config file: /etc/ppp/options.pptpd

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Enable IP forwarding. Edit /etc/sysctl.conf

net.ipv4.ip_forward = 1

Save changes

sysctl -p

Add these rules to firewall 3 examples:

1 with no interface specified - compatible with routers

iptables -t nat -A POSTROUTING -s vpnIP.Addr.2.3/255.255.255.0 -j SNAT --to-source eth0IPAddr
iptables -A FORWARD -s vpnIP.Addr.2.3/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS  --set-mss 1356

2 with MASQUERADING

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

3 without MASQUERADING

iptables -t nat -A POSTROUTING -s 192.168.13.0/24 -o eth0 -j SNAT --to ''<your_server_ip>''
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

save and restart iptables

iptables-save >/etc/sysconfig/iptables
service iptables restart

Start PPTP VPN server

service pptpd start

Set PPTP to start at boot:

chkconfig pptpd on

and also iptables ,for sure

chkconfig iptables on


if you cant connect and you see nothing in logs ( tail -f /var/log/messages ) - check your FW rules. For example the rule #-A INPUT -j REJECT --reject-with icmp-host-prohibited will block incoming pptpd client connection

 


Was this answer helpful?

 Print this Article

Also Read

Disabling selinux

Selinux annoying you? Get it out! How to disable selinux Open its config file nano...

Squid+Privoxy+Tor

How to install squid with tor [NOTE: According to vpsget.com AUP/TOS you can use private proxy...

nginx

How to install nginx on Centos Add nginx repo first. To add it, create the file...

FFmpeg on Centos 6

Install repo and ffmpeg # rpm -ihv...

Clear swap in Centos

Print memory usage [root@localhost]# free -m              total       used       free...