How To Setup a PPTP VPN in Ubuntu Server ?

VPN secures your computer’s internet connection to guarantee that all of the data you’re sending and receiving is encrypted and secured from prying eyes. You can get cheap vpn from many vpn providers. But i will show you how to get a private VPN maintained by yourself by less then 4$.

How_To_Setup_a_PPTP_VPN_in_Ubuntu_Server

You will need a kvm. OpenVZ is normally very much painful. You can try but you need to ask your provider for accessing pptp.

After getting that install Ubuntu-12.04 in it. And then let the vpn installation begin :).

First we need to install pptp server using apt-get

sudo apt-get install pptpd

Then we need to configure the pptpd.

sudo nano /etc/pptpd.conf

Add server IP and client IP at the end of the file. You can add like below:

localip 192.168.0.1
remoteip 192.168.0.100-199

Replace 192.168.0.1 with your server ip. This sets up the PPTP server to use IP 192.168.0.1 while distributing the IP range 192.168.0.100-199 to PPTP clients. Change these as you wish as long as they are private IP addresses and do not conflict with IP addresses already used by your server.

Configure DNS servers to use when clients connect to this PPTP server

sudo nano /etc/ppp/pptpd-options

Now comment out require-mppe-128 like below

# Require MPPE 128-bit encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
#require-mppe-128
# }}}

Add Googles Public DNS like below

# specifies the primary DNS address; the second instance (if given)
# specifies the secondary DNS address.
# Attention! This information may not be taken into account by a Windows
# client. See KB311218 in Microsoft's knowledge base for more information.
#ms-dns 10.0.0.1
#ms-dns 10.0.0.2

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Now add a VPN user in /etc/ppp/chap-secrets file.

sudo nano /etc/ppp/chap-secrets

The column is username. Second column is server name, you can put “pptpd” in there. Third column is password. The last column is the IP addresses, you can put * to allow all IP.

# client        server  secret                  IP addresses
username * myPassword *

Finally start your server

/etc/init.d/pptpd restart

 

Setup IP Forwarding

To enable IPv4 forward. Change /etc/sysctl.conf file, add forward rule blew.

sudo nano /etc/sysctl.conf

Uncomnent the line

net.ipv4.ip_forward=1

Then reload the configuration

sudo sysctl -p

Add forward rule in iptables

sudo nano /etc/rc.local

adding to the bottom just before the exit 0

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Use venet0 instead of eth0 if you have Openvz .

Now run below command.

FOR Xen/KVM :

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

FOR OpenVZ :

iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE

You are done. Just reboot your server and you should be able to connect to using PPTPD and send all your traffic through this server.

Thank You

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.