Setting up a pptp vpn server on Debian and Ubuntu
Yesterday I decided to setup a vpn server so a friend and I could play some coop mode on call of duty 5. This was so easy to setup I thought I would share it with the rest of the world:
Step 1. Installing pptpd – the pptpd is the daemon that runs the pptp server. To install this just use apt-get:
$ apt-get install ssh pptpd -y
Step2. Next you will need to modify the pptpd.conf
$ vi /etc/pptpd.conf
Then scroll down to the bottom and modify the following lines with the subnets you would like assigned:
# (Recommended) #localip 192.168.0.1 #remoteip 192.168.0.234-238,192.168.0.245 # or localip 192.168.2.0 remoteip 192.168.2.2-238,192.168.2.245
Step 3. The vpn server is now configured and now you must setup authenticated users:
$ vi /etc/ppp/chap-secrets
The config file is very straight forward and I have an example of a user included:
# Secrets for authentication using CHAP # client server secret IP addresses clown pptpd bigshoes "*"
Step 4. When pptpd was installed it started automatically so we will need to restart it to apply the changes:
$ /etc/init.d/pptpd restart
Then just to make sure all is good lets check to make sure the service is listening:
$ netstat -anp | grep pptpd tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7565/pptpd unix 2 [ ] DGRAM 15781 7565/pptpd
If you see a listen on port 1723 you are ready to connect.
Optional: Now, if you would like to add internet access over this vpn, you can do this:
$ vi /etc/sysctl.conf
and find the line for ipv4 forwarding and make sure it = 1:
# Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
The use iptables to get the net forwarded:
$ /sbin/iptables -P FORWARD ACCEPT $ /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
Optionally you can install bind9 and have a DNS resolver you can use for the vpn connection:
$ apt-get install bind9 -y
Then start it:
$ /etc/init.d/bind9 start
The configuration of the vpn client that is connecting can be modified to use this DNS resolver now to allow for more control.
Connecting to the vpn from a Windows 7 client ( Click images to zoom in):
Step 1. Open the Network and Sharing center
Step 2. Set up a new connection or network
Step 3. Connect to a workplace
Step 4. No create a new connection if other connections exist
Step 5. Use my internet cconnection:
Step 6. Enter the internet address and name of the vpn connection
Step 7. Enter the username and password:
Step 8. Connect!!
This should pretty much cover all you need for the installation of a basic Debian or Ubuntu PPTP vpn server. Enjoy!