The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks (VPN).<\/p>\n
Apart from security, a PPTP VPN allows you to use a static ip address of your server for all your internet connection. A great way to get static ip if you are on an ISP that only provides dynamic ip to clients.<\/p>\n
As Windows XP, Windows VISTA, Windows 7, iPhone, iPod Touch, iPad everything comes with a built-in PPTP Client, PPTP is the easiest way to use VPN without the requirement for any software installation.<\/p>\n
I personally find paying $5-$10 for a VPN account from the VPN Account\/Service Provider when you can grab a VPS at $10 or Dedicated Web Server at $49. Specially if you already have a dedicated server running for some purposes.<\/p>\n
So here is a quick setup guide to install and configure a PPTP server on your CentOS 5 server. It will take just around 5 minutes.<\/p>\n
1st we need to install poptop. Edit \/etc\/pptpd.conf<\/strong> and add the lines to bottom: Now edit \/etc\/ppp\/options.pptpd<\/strong>. Let\u00e2\u20ac\u2122s configure the Encryption section, make sure it looks like this: To add PPTP VPN clients you need to edit \/etc\/ppp\/chap-secrets<\/strong> and add an entry for each client in this way: If you wish to provide a static dedicated ip to the client, put the line in this way: Run the following command to enable the pptpd to start automatically in runlevel 3 and 5: For pptpd to work, the packet forwarding must be enabled. Edit \/etc\/sysctl.conf<\/strong> and change the line to: To enable it immediately, run the following command: Now we need to setup iptables: In order to make the live chats (yahoo, msn, google, etc) work as it should we need to modify the default MTU, this is done by adding the following line into \/etc\/ppp\/ip-up<\/strong>: Finally start the service. Enjoy VPN on your own server :)<\/p>\n","protected":false},"excerpt":{"rendered":" The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks (VPN). Apart from security, a PPTP VPN allows you to use a static ip address of your server for all your internet connection. A great way to get static ip if you are on an ISP that only provides dynamic ip to […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,9,13],"tags":[213,126,215,127,214],"class_list":["post-1295","post","type-post","status-publish","format-standard","hentry","category-tech","category-tips","category-tutorials","tag-centos","tag-linux","tag-pptp","tag-unix","tag-vpn"],"_links":{"self":[{"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/posts\/1295","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/comments?post=1295"}],"version-history":[{"count":0,"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/posts\/1295\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/media?parent=1295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/categories?post=1295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dotcomunderground.com\/blogs\/wp-json\/wp\/v2\/tags?post=1295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nrpm -Uvh http:\/\/poptop.sourceforge.net\/yum\/stable\/rhel5\/pptp-release-current.noarch.rpm<\/code>
\nyum --enablerepo=poptop-stable install pptpd<\/code><\/p>\n
\nlocalip 10.10.1.1<\/code>
\nremoteip 10.10.1.2-254<\/code>
\nHere localip<\/strong> (10.10.1.1) is the ip which the clients connect to the server. It can be the primary ip address of your server.
\nremoteip<\/strong> (10.10.1.2-254) is the ip address range that will be provided to the client connections.
\nCommenting out remoteip worked fine with me which gives all connected connection the main ip (localip) of the server.<\/p>\n
\nFind the ms-dns entry, uncomment them and modify the dns ip address with your own dns like this:
\nms-dns 192.168.1.1<\/code>
\nms-dns 192.168.3.1<\/code>
\nRemember to replace 192.168.1.1 and 3.1 with your own dns servers, this will be allocated to the connecting clients.<\/p>\n
\nrefuse-mschap<\/code>
\nrequire-mschap-v2<\/code>
\nrequire-mppe-128<\/code>
\nrequire-mppe<\/code><\/p>\n
\nUSER pptpd PASSWORD \"*\"<\/code><\/p>\n
\nUSER pptpd PASSWORD 10.10.1.2<\/code><\/p>\n
\nchkconfig --level 35 pptpd on<\/code><\/p>\n
\nnet.ipv4.ip_forward = 1<\/code><\/p>\n
\nsysctl -p<\/code><\/p>\n
\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE<\/code>
\niptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT<\/code>
\niptables -A INPUT -i eth0 -p gre -j ACCEPT<\/code>
\niptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT<\/code>
\niptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT<\/code>
\niptables -A OUTPUT -p tcp --dport 1723 -j ACCEPT<\/code>
\niptables -A OUTPUT -p gre -j ACCEPT<\/code><\/p>\n
\nifconfig $1 mtu 1400<\/code>
\nAdd it before \u00e2\u20ac\u0153exit 0\u00e2\u20ac\u00b3, don\u00e2\u20ac\u2122t add it after \u00e2\u20ac\u0153exit 0\u00e2\u20ac\u00b3, if you do then this command will be ignored, exit 0 stands for \u00e2\u20ac\u0153The script ends here\u00e2\u20ac\u009d. <\/p>\n
\nservice pptpd start<\/code><\/p>\n