This guide explains how to setup your own PPTP VPN on CentOS 6 by using the pptpd daemon available in the yum repository.
Please note that security vulnerabilities have been found in the PPTP protocol and it may be worth evaluating other VPN protocols before utilizing PPTP.
Setup VPN server
Install the required packages.
yum install -y pptpd
Configure the PPTP settings. The "ppp" configuration files are important for pptpd. First, configure /etc/ppp/options.pptpd, as follows. If desired, you may change the DNS servers.
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4
Next, add users to the PPTP VPN service by editing /etc/ppp/chap-secrets. Change the username and passwords accordingly.
aklwebhost1 pptpd P@$$w0rd *
aklwebhost2 pptpd P@$$w0rd2 *
Configure the pptpd daemon settings by editing /etc/pptpd.conf. Use the following example configuration. You can change the IP address ranges if needed.
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.80.1
remoteip 192.168.80.101-200
Next, edit /etc/sysctl.conf to enable IP forwarding.
sed -i 's/^net.ipv4.ip_forward.*/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
sysctl -p
Configure routing with iptables.
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1723 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.80.0/24 -j MASQUERADE
service iptables save
service iptables start
Start the service.
service pptpd start
Your PPTP server setup is complete. Now you can connect to your own PPTP VPN server from your PC or mobile device.
