Contents

Tutorial Video



Introduction

In this tutorial we will guide you to setup your own Poptop or PPTP VPN Server on CentOS 7. It is easier to install than any other VPN Software.

 

Prerequisites

You will need:

  1. A VPS Tiger server, order at Pricing
  2. Getting Started with VPS Tiger Tutorial
  3. SSH with root access.

 

Installing Epel Repository

In minimal centos, you will need to install epel repository using yum.

yum -y install epel-release

You will get output similar to:

...
Installed:
  epel-release.noarch 0:7-11

Complete!

 

Installing Poptop

Install Poptop and other services using yum.

yum -y install ppp pptpd net-tools iptables-services

You will get output similar to:

...
Dependency Updated:
  iptables.x86_64 0:1.4.21-24.1.el7_5

Complete!

 

Backing Up Poptop Files

We will first backup the poptop files.

mv /etc/pptpd.conf /etc/pptpd.conf.bkp
mv -f /etc/ppp/options.pptpd /etc/ppp/options.pptpd.bkp

 

Creating options.pptpd

Run the following command to create options.pptpd

echo 'name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4' > /etc/ppp/options.pptpd

 

Creating pptpd.conf

Run the following command to create pptpd.conf

echo 'option /etc/ppp/options.pptpd
logwtmp
localip 10.0.10.1
remoteip 10.0.10.2-254' > /etc/pptpd.conf

 

Enabling IP Forwarding

Enable IP forwarding.

echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf

To verify run the following command.

sysctl -p

You will get output similar to:

net.ipv4.ip_forward = 1
...

net.ipv4.ip_forward should have the value 1.
 

Firewall Commands

Run the following commands:

systemctl stop firewalld.service
systemctl disable firewalld.service
service iptables save
service iptables stop
chkconfig iptables off
iptables -F
chmod +x /etc/rc.d/rc.local

 

Firewall Routing

Configure routing with iptables.

echo "iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE" >> /etc/rc.d/rc.local
iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE

Then save the configuration:

sudo iptables-save

 

Installing Nano

In minimal centos, you will need to install nano using yum.

yum -y install nano

You will get output similar to:

...
Installed:
  nano-2.0.9-7.el6.x86_64

Complete!

 

PPTP Users

You can add, edit and remove users through chap-secrets file.

nano /etc/ppp/chap-secrets

You will get output similar to:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
vpn pptpd IJYcY0gU *

vpn is username, while IJYcY0gU is password, you can edit it accordingly.
Once you completed the edit, save the file by pressing (CTRL + X) keyboard shortcut.
Restart the PPTP, so the new file is loaded.

service pptpd restart

You will get output similar to:

Shutting down pptpd:                                       [  OK  ]
Starting pptpd:                                            [  OK  ]
Warning: a pptpd restart does not terminate existing
connections, so new connections may be assigned the same IP
address and cause unexpected results.  Use restart-kill to
destroy existing connections during a restart.

 

Conclusion

Your Poptop (PPTP) vpn server setup is complete. Now you can connect to your own Poptop (PPTP) VPN server from your PC or mobile device.