Saturday, April 10th, 2010

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks (VPN).

Apart from security, a PPTP VPN lets you use your server's static IP address for all your internet connections. This is a great way to get a static IP if you are on an ISP that only provides dynamic IPs to clients.

Because Windows XP, Windows Vista, Windows 7, the iPhone, iPod Touch and iPad all come with a built-in PPTP client, PPTP is the easiest way to use a VPN without installing any software.

I personally find paying $5-$10 for a VPN account from the VPN Account/Service Provider when you can grab a VPS at $10 or Dedicated Web Server at $49. Especially if you already have a dedicated server running for some purposes.

So here is a quick setup guide to install and configure a PPTP server on your CentOS 5 server. It will take just around 5 minutes.

First, we need to install Poptop:
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
yum --enablerepo=poptop-stable install pptpd

Edit /etc/pptpd.conf and add these lines at the bottom:
localip 10.10.1.1
remoteip 10.10.1.2-254
Here localip (10.10.1.1) is the IP address the server uses on its end of each client connection. It can be the primary IP address of your server.
remoteip (10.10.1.2-254) is the IP address range that will be handed out to connecting clients.
Commenting out remoteip worked fine for me; it gives all connected connections the main IP (localip) of the server.

Now edit /etc/ppp/options.pptpd.
Find the ms-dns entries, uncomment them, and replace the DNS IP addresses with your own, like this:
ms-dns 192.168.1.1
ms-dns 192.168.3.1
Remember to replace 192.168.1.1 and 192.168.3.1 with your own DNS servers; these will be allocated to the connecting clients.

Let’s configure the Encryption section. Make sure it looks like this:
refuse-mschap
require-mschap-v2
require-mppe-128
require-mppe

To add PPTP VPN clients you need to edit /etc/ppp/chap-secrets and add an entry for each client in this way:
USER pptpd PASSWORD "*"

If you wish to give the client a dedicated static IP, write the line this way:
USER pptpd PASSWORD 10.10.1.2

Run the following command to make pptpd start automatically in runlevels 3 and 5:
chkconfig --level 35 pptpd on

For pptpd to work, packet forwarding must be enabled. Edit /etc/sysctl.conf and change the net.ipv4.ip_forward line to:
net.ipv4.ip_forward = 1

To enable it immediately, run the following command:
sysctl -p

Now we need to set up iptables:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
iptables -A OUTPUT -p tcp --dport 1723 -j ACCEPT
iptables -A OUTPUT -p gre -j ACCEPT

To make live chat services (Yahoo, MSN, Google, etc.) work as they should, we need to modify the default MTU. This is done by adding the following line to /etc/ppp/ip-up:
ifconfig $1 mtu 1400
Add it before “exit 0”, not after it. Anything after “exit 0” is ignored, because exit 0 means “The script ends here”.

Finally start the service.
service pptpd start
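
To check the files edited above (/etc/ppp/options.pptpd and /etc/ppp/chap-secrets) once the service is up, here is a small audit script. It is an added example, not part of the original post; the function names are made up for illustration, the demo runs on constructed sample files, and it assumes chap-secrets fields contain no whitespace.

```shell
#!/bin/sh
# Added example: audit the pptpd files edited in this guide.

# Print each directive from the guide's Encryption section that is
# missing or still commented out in an options.pptpd-style file ($1).
missing_options() {
    for opt in refuse-mschap require-mschap-v2 require-mppe-128 require-mppe; do
        # The directive must be the first token on an uncommented line.
        grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$1" || echo "$opt"
    done
}

# Print users in a chap-secrets-style file ($1) whose server field is the
# "*" wildcard instead of "pptpd": pppd accepts such a secret for any
# server name, not only this VPN. Assumes fields contain no whitespace.
wildcard_server_users() {
    awk 'NF >= 3 && $1 !~ /^#/ { s = $2; gsub(/"/, "", s)
         if (s == "*") print $1 }' "$1"
}

# Succeed only if group and other have no access to the file ($1);
# chap-secrets stores passwords in plaintext.
secrets_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Demo on constructed sample files (not taken from a real server).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#refuse-mschap' 'require-mschap-v2' \
        'require-mppe-128' 'require-mppe' > "$d/options.pptpd"
    printf '%s\n' '# client server secret IP' \
        'alice pptpd S3cret-constructed "*"' \
        'bob * An0ther-constructed 10.10.1.2' > "$d/chap-secrets"
    chmod 644 "$d/chap-secrets"
    echo "missing options: $(missing_options "$d/options.pptpd")"
    echo "wildcard server: $(wildcard_server_users "$d/chap-secrets")"
    secrets_private "$d/chap-secrets" || echo "chap-secrets is readable by others"
    rm -rf "$d"
}
demo
```

On the server, call the three functions with the real paths instead of running the demo; if secrets_private fails, chmod 600 /etc/ppp/chap-secrets fixes it.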

Enjoy VPN on your own server :)



Categories: Tech, Tips and Tricks, Tutorials
