March 20

Setting up a pptp vpn server on Debian and Ubuntu

Yesterday I decided to setup a vpn server so a friend and I could play some coop mode on call of duty 5. This was so easy to setup I thought I would share it with the rest of the world:

Step 1.  Installing pptpd – the pptpd is the daemon that runs the pptp server. To install this just use apt-get:

$ apt-get install ssh pptpd -y

Step2. Next you will need to modify the pptpd.conf

$ vi /etc/pptpd.conf

Then scroll down to the bottom and modify the following lines with the subnets you would like assigned:

# (Recommended)
#localip 192.168.0.1
#remoteip 192.168.0.234-238,192.168.0.245
# or
localip 192.168.2.0
remoteip 192.168.2.2-238,192.168.2.245

Step 3. The vpn server is now configured and now you must setup authenticated users:

$ vi /etc/ppp/chap-secrets

The config file is very straight forward and I have an example of a user included:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
clown           pptpd  bigshoes               "*"

Step 4. When pptpd was installed it started automatically so we will need to restart it to apply the changes:

$ /etc/init.d/pptpd restart

Then just to make sure all is good lets check to make sure the service is listening:

 $ netstat -anp | grep pptpd
tcp        0      0 0.0.0.0:1723            0.0.0.0:*               LISTEN      7565/pptpd
unix  2      [ ]         DGRAM                    15781    7565/pptpd

If you see a listen on port 1723 you are ready to connect.

Optional: Now, if you would like to add internet access over this vpn, you can do this:

 $ vi /etc/sysctl.conf

and find the line for ipv4 forwarding and make sure it = 1:

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

The use iptables to get the net forwarded:

$ /sbin/iptables -P FORWARD ACCEPT
$ /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

Optionally you can install bind9 and have a DNS resolver you can use for the vpn connection:

$ apt-get install bind9 -y

Then start it:

$ /etc/init.d/bind9 start

The configuration of the vpn client that is connecting can be modified to use this DNS resolver now to allow for more control.

Connecting to the vpn from a Windows 7 client ( Click images to zoom in):

Step 1. Open the Network and Sharing center

Step 2. Set up a new connection or network

Step 3. Connect to a workplace

Step 4. No create a new connection if other connections exist

Step 5. Use my internet cconnection:

Step 6. Enter the internet address and name of the vpn connection

Step 7. Enter the username and password:

Step 8. Connect!!

This should pretty much cover all you need for the installation of a basic Debian or Ubuntu PPTP vpn server. Enjoy!

Tags: , , , , , , ,
Copyright © 2014. All rights reserved.

Posted March 20, 2010 by Dustin Larmeir in category Linux

32 thoughts on “Setting up a pptp vpn server on Debian and Ubuntu

  1. Pingback: What is Personal VPN ? | Personal VPN

  2. Pingback: What are the advantages of Personal VPN instead of anonymous proxy? | Personal VPN

  3. Pingback: Personal VPN

  4. Ralph A. Thomas-Smythe

    Hi, this is a very good How To. It is just what I was looking for. Thanks.

    I do have a question though. The ISP for my server does not provide a static IP address, so I will need to use a DNS resolver. Could you explain how to deal with the DNS resolver on the Windows 7 client?

    Thank you very much.

    rats

  5. heigren

    Great tutorial, but I have a little problem! It seems that my server does not have kernel support for PPP. Do you know how to fix it?

    Here’s the error:

    pppd: This system lacks kernel support for PPP. This could be because
    the PPP kernel module could not be loaded, or because PPP was not
    included in the kernel configuration. If PPP was included as a
    module, try `/sbin/modprobe -v ppp’. If that fails, check that
    ppp.o exists in /lib/modules/`uname -r`/net.
    See README.linux file in the ppp distribution for more details.

  6. Ali

    Hey,

    Ive tried this but unfortunately it wont seem to connect from windows 7 ..? any ideas on what the problemmay be.?

  7. Pingback: Pptp vpn

  8. hamed

    hi there

    I tried to do all you siad, but when I edit pptpd.conf , pptpd server stop working and don’t start working again, till I replace it with the original one, would you help me, please?

    send me pptpd.conf edited one if you can;)

  9. Bjørn Idar Kristiansen

    Hi!

    I’m using a mobile broadband as the internet connection for my VPN-tunnel.
    The internet connection is up, and a ddclient is updating dyndns with the correct public IP-address.

    But how should I configure my pptpd.conf (remote ip)?

  10. sa144

    I have set up PPTP VPN server on ubuntu.
    But accounts are open for concurrent simultaneous connections. means there can be many users using one account at the time.
    i need to limit that to one user at the time.
    anybody knows how it can be done?

  11. Lukas

    Hello there. Thanks for very nice PPTP VPN manual. I got just one question. IS it possible to monitor users traffic on VPN ? Give users quota for VPN ? Problem is on my server is users making too mutch traffic and i need to stop this. Thanks for any help. lu

  12. Suhas

    Hi

    The tutorial worked great, just one issue. When I connect with XP, how can configure the VPN connection to use Default Internet Connection’s DNS settings? I think the new VPN connection is trying to locate it’s own DNS and failing and hence loosing all the Internet.

    Can you please help?

    Thx

  13. Pingback: VOIP, Asterisk, SIP and Ubuntu « Bangladesh Android IOS developer

  14. Pingback: creating VPN problem

  15. Pingback: VOIP, Asterisk, SIP and Ubuntu | Research Paper and Publication

  16. Pingback: Install PPTP server on Ubuntu 12.04 | 凡人牧白

  17. Ththhtht

    thanks
    $ /sbin/iptables -P FORWARD ACCEPT
    $ /sbin/iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE

    worked for me!

  18. Pingback: 우분투 pptp VPN 서버 구축하기. | Rathole - Vr4t's Lab.

  19. Pingback: 우분투 pptp vpn 서버 구축 | Vr4t's Lab - Rathole

  20. Ththhtht

    hi again, after restarting the server i need to manually input
    $ /sbin/iptables -P FORWARD ACCEPT
    $ /sbin/iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE

    is there a way to make this permanently ?

  21. SP

    add it to the end of /etc/rc.local right before exit 0


    Ththhtht:

    hi again, after restarting the server i need to manually input
    $ /sbin/iptables -P FORWARD ACCEPT
    $ /sbin/iptables –table nat -A POSTROUTING -o eth0 -j MASQUERADE
    is there a way to make this permanently ?

  22. Oliver Mercado

    Hi I tested your config and it works great. I tested it on a LAN environment. I have this problem on how to reach from my LAN computers to the computers connecting via pptp vpn.

    pc======Lan========PPT Server ===== vpn clients

    basically I want to connect using rdp from pc in my lan going to vpn clients. I can ping the ip of the vpn client but I can’t connect using rdp.

Leave a Comment

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>