This howto describes the steps in how to setup a PPTP VPN on Centos, Fedora, Debian, and Ubuntu with basic RSA authentication.
Before the installation make sure to have your Yum repos updated with the Epel repos.
CentOS and Red Hat Enterprise Linux 5.x
wget http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm && sudo rpm -Uvh epel-release-5*.rpm
CentOS and Red Hat Enterprise Linux 6.x
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm && sudo rpm -Uvh epel-release-6*.rpm
CentOS and Red Hat Enterprise Linux 7.x
wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm && sudo rpm -Uvh epel-release-7*.rpm
Step 1. Install PPTPD
CentOS/RedHat 5:
yum install pptpd.x86_64 -y
CentOS/RedHat 6:
yum install pptpd.x86_64 -y
Fedora 20:
yum install pptpd.x86_64 -y
Ubuntu/Debian:
apt-get install pptpd
Step 2. Edit IP setttings in /etc/pptpd.conf
echo > /etc/pptpd.conf
paste the following content into the pptpd.conf file
#start of custom file #logwtmp option /etc/ppp/options.pptpd localip 192.168.0.1 # local vpn IP remoteip 192.168.0.100-200 # ip range for connections listen 23.216.x.x # eth0 my example public IP and network interface #end of custom file
Step 3. Add user account in/etc/ppp/chap-secrets (assign username and password)
vi /etc/ppp/chap-secrets
usernameForuser1 * setpassword1here *
usernameForuser2 * setpassword2here *
Step 4. Optional settings in /etc/ppp/options.pptpd
echo > /etc/ppp/options.pptpd
Paste the following to your options.pptp
#custom settings for a simple fast pptp server ms-dns 8.8.8.8 ms-dns 4.2.2.2 lock name pptpd require-mschap-v2 # Require MPPE 128-bit encryption # (note that MPPE requires the use of MSCHAP-V2 during authentication) require-mppe-128
Step 5. Enable network forwarding in /etc/sysctl.conf
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
use the following command to apply the change:
sysctl -p
Step 6. Configure firewall (don’t skip this step even if you have firewall disabled.)
# sudo nano /etc/rc.local
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -p tcp –syn -s 192.168.0.0/24 -j TCPMSS –set-mss 1356
Step 7. Start PPTP VPN server
Fedora/Debian:
service pptpd restart
Centos/Fedora:
/etc/init.d/pptpd restart-kill && /etc/init.d/pptpd start
Note: To avoid starting pptp on every reboot you can automated by running chkconfig pptp on
The log of the VPN server, by default, is combined with system log located at /var/log/messages.
Source: https://www.photonvps.com/billing/knowledgebase.php?action=displayarticle&id=58