PPTP VPN Server configuration
Posted: 2023 May 03, 21:15
Install pptpd server and ppp service
Enable ipv4 forward
Method #1
Method #2
Edit line
to
Reload sysctl settings
Configure pptpd
Where eth1 is the LAN interface and eth0 is the WAN interface.
Configure chap-secrets with users, passwords and reserved ip addressees
Firewall configuration for clients using VPN connection via LAN interface
Start pptpd server
or
Code: Select all
[root @ centos ~] yum install -y pptpd pppMethod #1
Code: Select all
[root @ centos ~] echo 1 > /proc/sys/net/ipv4/ip_forwardCode: Select all
[root @ centos ~] nano /etc/sysctl.confCode: Select all
net.ipv4.ip_forward = 0Code: Select all
net.ipv4.ip_forward = 1Code: Select all
[root @ centos ~] sysctl -p /etc/sysctl.conf
net.ipv4.ip_forward = 1Code: Select all
[root @ centos ~] nano /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
bcrelay eth1
connections 10
localip 192.168.30.1
remoteip 192.168.30.2-254Configure chap-secrets with users, passwords and reserved ip addressees
Code: Select all
[root @ centos ~] nano /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
"user1" "pptpd" "password1" "192.168.60.2"
"user2" "pptpd" "password2" "*"Code: Select all
[root @ centos ~] iptables -A INPUT -i eth+ -p tcp -m multiport --dport 1723,47 -j ACCEPT
[root @ centos ~] iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE
[root @ centos ~] iptables -A FORWARD -p tcp -s 192.168.60.0/24 -j TCPMSS --syn --set-mss 1356Code: Select all
[root @ centos ~] service pptpd startCode: Select all
[root @ centos ~] /etc/init.d/pptpd start