Configuring poptop VPN Server in RHEL-5


First, install the required libraries and the pptpd server on the Linux system.

You can also use yum to install the PPTP server:
[root@server~]# yum -y install ppp*

Now open the file /etc/pptpd.conf.
[root@server~]# vim /etc/pptpd.conf

Go to the end of the file where you can see examples of local ip and remote ip. Below them add your own values for local ip and remote ip.
localip      10.0.0.1
remoteip     10.0.0.10-100

In the above, 10.0.0.1 will be used for the ppp interface and 10.0.0.10 – 10.0.0.100 will be assigned to the clients. You can also use different private IPs in ‘localip’ and ‘remoteip’, like 10.20.26.1 and 10.20.26.10-100.

Next, open the file /etc/ppp/options.pptpd.
[root@server~]# vim /etc/ppp/options.pptpd

Uncomment the ms-dns lines (by removing the ‘#’ in front of them) and change them to the DNS servers provided by your ISP or to public DNS servers such as those provided by OpenDNS.
ms-dns 208.67.222.222
ms-dns 208.67.220.220

That's all you need to change in the options.pptpd file.

Next you will need to edit the file /etc/ppp/chap-secrets to add usernames and passwords for your clients. You need to enter the usernames and passwords in the following format.
[root@server~]# vim /etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client server secret IP addresses
username pptpd password *
username2 pptpd password2 *

You can also put a * in place of ‘pptpd’ just like there is a * below ‘IP addresses’. Also instead of a * below ‘IP addresses’ you can put the IP address from which the client will be connecting.
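
Because chap-secrets holds every client's secret in clear text, it is worth checking the entries after editing. The script below is an added example, not part of the original post: it flags wildcard server and IP fields, short secrets, duplicate client names and a file readable by group or other. The 12-character minimum and the sample accounts are assumptions made up for the example, and it assumes the plain four-column layout shown above with unquoted secrets.

```sh
#!/bin/sh
# Added example (not from the original post): audit a chap-secrets file.
# Assumes the four-column "client server secret IP" layout, unquoted secrets.
MIN_LEN=12   # assumed local policy value, not a pppd setting

# Prints one finding per line; prints nothing when the file is clean.
audit_chap_secrets() {
    file=$1
    # Characters 5-10 of `ls -l` output are the group/other permission bits.
    perms=$(ls -ld "$file" | cut -c5-10)
    [ "$perms" = "------" ] || echo "file: accessible by group/other (use chmod 600)"
    awk -v min="$MIN_LEN" '
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        NF < 4 { print "line " NR ": malformed entry, expected 4 fields"; next }
        {
            if (seen[$1]++)       print $1 ": duplicate client name"
            if ($2 == "*")        print $1 ": server is *, secret valid for every PPP service on this host"
            if (length($3) < min) print $1 ": secret shorter than " min " characters"
            if ($4 == "*")        print $1 ": no IP address restriction"
        }
    ' "$file"
}

# Constructed sample data for the demonstration (not real accounts).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
chmod 644 "$SAMPLE"
cat > "$SAMPLE" <<'EOF'
# client   server  secret                  IP addresses
alice      pptpd   correct-horse-battery   10.0.0.10
bob        *       hunter2                 *
bob        pptpd   Another-long-secret-1   10.0.0.11
EOF

audit_chap_secrets "$SAMPLE"
```

On a real server, run the function against /etc/ppp/chap-secrets as root; no output means none of these checks fired.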

Now we need to enable IP forwarding. Open the file /etc/sysctl.conf and set ‘net.ipv4.ip_forward’ to 1.

To make the changes to sysctl.conf take effect, use the following command.
[root@server~]# sysctl -p

Alternatively, use the following command to enable IP forwarding temporarily.
[root@server~]# echo 1 > /proc/sys/net/ipv4/ip_forward

Next, configure iptables to do NAT.
[root@server~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Next, we need to allow TCP port 1723 and the GRE protocol through iptables.
[root@server~]# iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
[root@server~]# iptables -A INPUT -i eth0 -p gre -j ACCEPT

Now start the PPTP server if you haven’t already.
[root@server~]# service pptpd start

About Alex Hunt

Hi all, I am Manish Kumar Jha, aka Alex Hunt. I am currently working at VMware Software India Pvt Ltd as an Operations System Engineer (vCloud Air Operations). I have around 5 years of IT experience and have exposure to VMware vSphere, vCloud Director, RHEL and modern data center technologies like Cisco UCS, Cisco Nexus 1000v and NSX. If you find any post informative, please press like, share it across social media, and leave your comments if you want to discuss any post further. Disclaimer: All the information on this website is published in good faith and for general information purposes only. I don’t make any warranties about the completeness, reliability and accuracy of this information. Any action you take upon the information you find on this blog is strictly at your own risk. The views and opinions published on this blog are my own and not the opinions of my employer or any of the vendors of the products discussed.