First of all install all the required Libraries and pptd Server on Linux System.

You can also make the use of yum to install the pptp server as…
[root@server~]# yum -y install ppp*

Now open the file /etc/pptpd.conf.
[root@server~]# vim /etc/pptpd.conf

Go to the end of the file where you can see examples of local ip and remote ip. Below them add your own values for local ip and remote ip.
localip      10.0.0.1
remoteip     10.0.0.10-100

In the above, 10.0.0.1 will be used for the ppp interface and 10.0.0.10 – 10.0.0.100 will be assigned to the clients. You can also use different private IPs in ‘localip’ and ‘remoteip’, like 10.20.26.1 and 10.20.26.10-100.
Next, open the file /etc/ppp/options.pptpd.
[root@server~]#vim /etc/ppp/option.pptpd

Uncomment the ms-dns lines (by removing the ‘#’ in front of them) and change them to the dns servers provided by your ISP or to public DNS servers like ones provided by OpenDNS.
ms-dns 208.67.222.222
ms-dns 208.67.220.220

Thats all you need to change in the options.pptpd file.

Next you will need to edit the file /etc/ppp/chap-secrets to add usernames and passwords for your clients. You need to enter the usernames and passwords in the following format.
[root@server~]#vim /etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client server secret IP addresses
username pptpd password *
username2 pptpd password2 *

You can also put a * in place of ‘pptpd’ just like there is a * below ‘IP addresses’. Also instead of a * below ‘IP addresses’ you can put the IP address from which the client will be connecting.

Now we need to enable IP forwarding. So open the file /etc/sysctl.conf
and set ‘net.ipv4.ip_forward’ to 1.      

To make the changes to sysctl.conf take effect, use the following command.
[root@server~]# sysctl –p

Or you can also use the following command to enable IP forwarding temporarily.
[root@server~]# echo 1 > /proc/sys/net/ipv4/ip_forward

Next, configure iptables to do NAT.
[root@server~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Next, we need to allow TCP port 1723 and the GRE protocol through iptables.
[root@server~]# iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
[root@server~]# iptables -A INPUT -i eth0 -p gre -j ACCEPT

Next, we need to allow TCP port 1723 and the GRE protocol through iptables.    

[root@server~]# iptables -A INPUT -i eth0 -p tcp –dport 1723 -j ACCEPT
[root@server~]# iptables -A INPUT -i eth0 -p gre -j ACCEPT

Now start the PPTP server if you haven’t already.
[root@server~]#service pptpd start

Posted in: Linux.
Last Modified: November 8, 2013

Leave a reply