Dustin Larmeir's tech blog.
Setting up a pptp vpn server on Debian and Ubuntu
Yesterday I decided to setup a vpn server so a friend and I could play some coop mode on call of duty 5. This was so easy to setup I thought I would share it with the rest of the world:
Step 1. Installing pptpd – the pptpd is the daemon that runs the pptp server. To install this just use apt-get:
$ apt-get install ssh pptpd -y
Step2. Next you will need to modify the pptpd.conf
$ vi /etc/pptpd.conf
Then scroll down to the bottom and modify the following lines with the subnets you would like assigned:
# (Recommended) #localip 192.168.0.1 #remoteip 192.168.0.234-238,192.168.0.245 # or localip 192.168.2.0 remoteip 192.168.2.2-238,192.168.2.245
Step 3. The vpn server is now configured and now you must setup authenticated users:
$ vi /etc/ppp/chap-secrets
The config file is very straight forward and I have an example of a user included:
# Secrets for authentication using CHAP # client server secret IP addresses clown pptpd bigshoes "*"
Step 4. When pptpd was installed it started automatically so we will need to restart it to apply the changes:
$ /etc/init.d/pptpd restart
Then just to make sure all is good lets check to make sure the service is listening:
$ netstat -anp | grep pptpd tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7565/pptpd unix 2 [ ] DGRAM 15781 7565/pptpd
If you see a listen on port 1723 you are ready to connect.
Optional: Now, if you would like to add internet access over this vpn, you can do this:
$ vi /etc/sysctl.conf
and find the line for ipv4 forwarding and make sure it = 1:
# Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
The use iptables to get the net forwarded:
$ /sbin/iptables -P FORWARD ACCEPT $ /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
Optionally you can install bind9 and have a DNS resolver you can use for the vpn connection:
$ apt-get install bind9 -y
Then start it:
$ /etc/init.d/bind9 start
The configuration of the vpn client that is connecting can be modified to use this DNS resolver now to allow for more control.
Connecting to the vpn from a Windows 7 client ( Click images to zoom in):
Step 1. Open the Network and Sharing center
Step 2. Set up a new connection or network
Step 3. Connect to a workplace
Step 4. No create a new connection if other connections exist
Step 5. Use my internet cconnection:
Step 6. Enter the internet address and name of the vpn connection
Step 7. Enter the username and password:
Step 8. Connect!!
This should pretty much cover all you need for the installation of a basic Debian or Ubuntu PPTP vpn server. Enjoy!
| Print article | This entry was posted by dlarmeir on March 20, 2010 at 6:49 am, and is filed under Past Blogs. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
installing Nginx with php fast-cgi on Ubuntu
about 4 months ago - 3 comments
Nginx is an awesome webserver and reverse proxy that is feature rich and super fast. Per wiki.nginx.org here is the description of the server: ———————————————————————————————————- Nginx is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Igor Sysoev started development of Nginx in 2002, with the first public
Setting up a simple NFS share
about 5 months ago - No comments
I migrated to Citrix Xenserver yesterday and needed an ISO storage point for my custom OS installs – the easiest solution for this? NFS ( Network File System ) This awesome tool is way to mount other machines across the network as if it was a local file system. In this case I am using
Switched to good ole’ Debian Lenny
about 5 months ago - 2 comments
Last night in my zombified state I migrated from RHEL 5 to Debian Lenny as I need to brush up on my Debian skillz. This was alot easier than expected thanks to my good friend rsync. Since we are on this topic lets touch on how to rsync over ssh. The easiest way to do
Bittorrent for RedHat Enterprise 5 – Packaged with installer
about 1 year ago - 2 comments
Anyone who uses RedHat enterprise will find that plugging into third party repositories to get non standard software is risky. Today I needed to install bittorrent and noticed that the redhat enterprise 5 repository does not have what I need. Well, I got the packages needed and built a installer so that anyone using RedHat
Server was down for a few hours. Did some security hardening procedures.
about 2 years ago - No comments
I took the server offline for a few hours today to make some improvements on security. My server has been bombarded by ssh & ftp bruteforce attacks, http based exploit attempts, and general exploits. I work hard to keep my server patched and locked down but you can never be too careful. I am also
about 2 months ago
Hi, this is a very good How To. It is just what I was looking for. Thanks.
I do have a question though. The ISP for my server does not provide a static IP address, so I will need to use a DNS resolver. Could you explain how to deal with the DNS resolver on the Windows 7 client?
Thank you very much.
rats
about 2 months ago
Great tutorial, but I have a little problem! It seems that my server does not have kernel support for PPP. Do you know how to fix it?
Here’s the error:
pppd: This system lacks kernel support for PPP. This could be because
the PPP kernel module could not be loaded, or because PPP was not
included in the kernel configuration. If PPP was included as a
module, try `/sbin/modprobe -v ppp’. If that fails, check that
ppp.o exists in /lib/modules/`uname -r`/net.
See README.linux file in the ppp distribution for more details.
about 6 days ago
Hey,
Ive tried this but unfortunately it wont seem to connect from windows 7 ..? any ideas on what the problemmay be.?