Pptpd on Centos 6

How to install pptpd server on Centos 6

NOTE than pptpd is potentially unsecure and the tunnel can be decrypted with well-known methods. it's simple to configure and use. But we will not recommend to use it in enterprise environments.

install pptpd

you can install rpm like this way:

rpm -Uvh http://pptpclient.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum -y install pptpd

But it's recommended to add poptop repo first:

rpm --import http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP

edit the file /etc/yum.repos.d/poptop.repo

for x64 systems:

[poptop]
name=poptop CentOS
baseurl=http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/
gpgcheck=1
gpgkey=http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP
enabled=1
priority=30

for x86 systems:

[poptop]
name=poptop CentOS
baseurl=http://poptop.sourceforge.net/yum/stable/rhel6/i386/
gpgcheck=1
gpgkey=http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP
enabled=1
priority=30

note: change rhel6 to rhel5 if you in centos5

after simply install using yum

yum install pptpd

Edit IP setttings in /etc/pptpd.conf

localip 192.168.13.1

remoteip 192.168.13.101-200

Add users to file /etc/ppp/chap-secrets:

user1 pptpd p@sword1 "*"

Add dns in config file: /etc/ppp/options.pptpd

ms-dns 8.8.8.8

ms-dns 8.8.4.4

Enable IP forwarding. Edit /etc/sysctl.conf

net.ipv4.ip_forward = 1

Save changes

sysctl -p

Add these rules to firewall 3 examples:

1 with no interface specified - compatible with routers

iptables -t nat -A POSTROUTING -s vpnIP.Addr.2.3/255.255.255.0 -j SNAT --to-source eth0IPAddr
iptables -A FORWARD -s vpnIP.Addr.2.3/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS  --set-mss 1356

2 with MASQUERADING

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

3 without MASQUERADING

iptables -t nat -A POSTROUTING -s 192.168.13.0/24 -o eth0 -j SNAT --to ''<your_server_ip>''
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

save and restart iptables

iptables-save >/etc/sysconfig/iptables
service iptables restart

Start PPTP VPN server

service pptpd start

Set PPTP to start at boot:

chkconfig pptpd on

and also iptables ,for sure

chkconfig iptables on


if you cant connect and you see nothing in logs ( tail -f /var/log/messages ) - check your FW rules. For example the rule #-A INPUT -j REJECT --reject-with icmp-host-prohibited will block incoming pptpd client connection

 


Was this answer helpful?

 Print this Article

Also Read

Set hostname

Set host name on Centos: /etc/sysconfig/network   HOSTNAME="mycomputer"...

nginx

How to install nginx on Centos Add nginx repo first. To add it, create the file...

Epel Centos

Some packages are missing from the base repository. This guide shows how to install RHEL EPEL...

Mysql

Installing mysql: yum install mysql-server Enter to mysql: mysql -u user -p password...

Changing mac address in VMware

In Centos: 1. Edit old mac HWADDR=XX:XX:XX:XX:XX:XX in the file...