Wednesday, December 29, 2010

Set up PPTP server

The last post talked about setting up a PPTP client and forwarding all of that client's traffic over the VPN. Here are my notes on setting up the server on Ubuntu (or Debian, I don't recall which I was using):

Open/Forward Ports 1721 and 47 
(1721 needs both TCP/UDP I believe, 47 I don't know)

sudo apt-get install pptpd

edit /etc/pptpd.conf
   localip [IP_ADDR] (any unused IP address in network)
   remoteip [IP_ADDR_RANGE] (ex: "192.168.5.200-220")
                            (range of IPs to assign to clients)

edit /etc/ppp/chap-secrets
   [username] pptpd password *

edit /etc/ppp/pptpd-options
   uncomment the "ms-dns" lines and insert your DNS servers
   after them

Set PPTPD server to forward packets:
  If "cat /proc/sys/net/ipv4/ip_forward" isn't 1, change it to 1:
      To change it temporarily:
         sudo su
         echo 1 > /proc/sys/net/ipv4/ip_forward
      To change it permanently:
         sudo nano /etc/sysctl.conf
         add the line "net.ipv4.ip_forward = 1"

  Ensure server is configured to do NAT or masquerade:
      # iptables --table nat --append POSTROUTING --out-interface eth0 --jump MASQUERADE
      To make this permanent:
         sudo iptables-save > iptables.conf (assuming I'm in ~/)
         sudo nano /etc/rc.local
         add line: iptables-restore < /home/[user]/iptables.conf
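
The files edited in the steps above can be sanity-checked with a short script. This is an added example, not part of the original notes: the function names and the sample files are made up for illustration, and it only understands the single "a.b.c.START-END" remoteip form shown above.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: checks for the files edited above.
# Each function takes a path, so it can be run on copies without root.

# localip must be set and must not fall inside the remoteip pool.
# Handles only the "a.b.c.START-END" range form shown in the post.
check_pptpd_conf() {
    local lip rip first last host
    lip=$(awk '$1 == "localip"  { print $2; exit }' "$1")
    rip=$(awk '$1 == "remoteip" { print $2; exit }' "$1")
    [ -n "$lip" ] && [ -n "$rip" ] || { echo "localip or remoteip not set"; return 1; }
    first=${rip##*.}; last=${first#*-}; first=${first%-*}   # START and END
    host=${lip##*.}
    if [ "${lip%.*}" = "${rip%.*}" ] && [ "$host" -ge "$first" ] && [ "$host" -le "$last" ]; then
        echo "localip $lip is inside the remoteip pool $rip"; return 1
    fi
}

# chap-secrets holds plaintext passwords: no group/other permission bits, and
# every entry has four fields (client, server, secret, allowed IPs).
# Assumes secrets contain no whitespace.
check_chap_secrets() {
    local mode
    mode=$(stat -c %a "$1") || return 1
    case $mode in *00) ;; *) echo "$1 has mode $mode, want 600"; return 1 ;; esac
    awk 'NF && $1 !~ /^#/ && NF != 4 { print "malformed entry, line " NR; bad = 1 }
         END { exit bad + 0 }' "$1"
}

# The rules file written by iptables-save must contain the MASQUERADE rule.
check_saved_nat() {   # usage: check_saved_nat FILE [INTERFACE]
    grep -Eq -- "^-A POSTROUTING .*-o ${2:-eth0} .*-j MASQUERADE" "$1" ||
        { echo "no MASQUERADE rule for ${2:-eth0} in $1"; return 1; }
}

# Constructed sample files (not real configuration) to show the checks running.
demo=$(mktemp -d)
printf 'localip 192.168.5.1\nremoteip 192.168.5.200-220\n' > "$demo/pptpd.conf"
printf '# client server secret IPs\nalice pptpd example-secret *\n' > "$demo/chap-secrets"
chmod 600 "$demo/chap-secrets"
printf '*nat\n-A POSTROUTING -o eth0 -j MASQUERADE\nCOMMIT\n' > "$demo/iptables.conf"
check_pptpd_conf "$demo/pptpd.conf" && check_chap_secrets "$demo/chap-secrets" &&
    check_saved_nat "$demo/iptables.conf" && echo "all checks passed"
```

On the server itself, point the functions at /etc/pptpd.conf, /etc/ppp/chap-secrets (as root) and the saved iptables.conf instead of the sample files.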

Sources:
http://poptop.sourceforge.net/dox/diagnose-forwarding.phtml
http://forums.bit-tech.net/showthread.php?t=132029
