Introduction
In this tutorial we will guide you to setup your own Poptop or PPTP VPN Server on CentOS 7. It is easier to install than any other VPN Software.
Prerequisites
You will need:
- A VPS Tiger server, order at Pricing
- Getting Started with VPS Tiger Tutorial
- SSH with root access.
Installing Epel Repository
In minimal centos, you will need to install epel repository using yum.
yum -y install epel-release
You will get output similar to:
... Installed: epel-release.noarch 0:7-11 Complete!
Installing Poptop
Install Poptop and other services using yum.
yum -y install ppp pptpd net-tools iptables-services
You will get output similar to:
... Dependency Updated: iptables.x86_64 0:1.4.21-24.1.el7_5 Complete!
Backing Up Poptop Files
We will first backup the poptop files.
mv /etc/pptpd.conf /etc/pptpd.conf.bkp
mv -f /etc/ppp/options.pptpd /etc/ppp/options.pptpd.bkp
Creating options.pptpd
Run the following command to create options.pptpd
echo 'name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 proxyarp lock nobsdcomp novj novjccomp nologfd ms-dns 8.8.8.8 ms-dns 8.8.4.4' > /etc/ppp/options.pptpd
Creating pptpd.conf
Run the following command to create pptpd.conf
echo 'option /etc/ppp/options.pptpd logwtmp localip 10.0.10.1 remoteip 10.0.10.2-254' > /etc/pptpd.conf
Enabling IP Forwarding
Enable IP forwarding.
echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf
To verify run the following command.
sysctl -p
You will get output similar to:
net.ipv4.ip_forward = 1 ...
net.ipv4.ip_forward should have the value 1.
Firewall Commands
Run the following commands:
systemctl stop firewalld.service
systemctl disable firewalld.service
service iptables save
service iptables stop
chkconfig iptables off
iptables -F
chmod +x /etc/rc.d/rc.local
Firewall Routing
Configure routing with iptables.
echo "iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE" >> /etc/rc.d/rc.local
iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
Then save the configuration:
sudo iptables-save
Installing Nano
In minimal centos, you will need to install nano using yum.
yum -y install nano
You will get output similar to:
... Installed: nano-2.0.9-7.el6.x86_64 Complete!
PPTP Users
You can add, edit and remove users through chap-secrets file.
nano /etc/ppp/chap-secrets
You will get output similar to:
# Secrets for authentication using CHAP # client server secret IP addresses vpn pptpd IJYcY0gU *
vpn is username, while IJYcY0gU is password, you can edit it accordingly.
Once you completed the edit, save the file by pressing (CTRL + X) keyboard shortcut.
Restart the PPTP, so the new file is loaded.
service pptpd restart
You will get output similar to:
Shutting down pptpd: [ OK ] Starting pptpd: [ OK ] Warning: a pptpd restart does not terminate existing connections, so new connections may be assigned the same IP address and cause unexpected results. Use restart-kill to destroy existing connections during a restart.
Conclusion
Your Poptop (PPTP) vpn server setup is complete. Now you can connect to your own Poptop (PPTP) VPN server from your PC or mobile device.