Learn How To Setup PPP VPN on Debian/Ubuntu

August 5, 2019

Table of Contents

Install Packages

Install the pptpd package on your VPS with the following command:

apt-get install pptpd

Configuration

Insert new settings to /etc/pptpd.conf and /etc/ppp/pptpd-options by running the following commands:

cat >/etc/pptpd.conf <<EOF
option /etc/ppp/pptpd-options
logwtmp
localip 192.168.10.1
remoteip 192.168.10.101-200
EOF

cat >/etc/ppp/pptpd-options <<EOF
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
nodefaultroute
lock
nobsdcomp
ms-dns 8.8.8.8
ms-dns 208.67.222.222
debug
dump
idle 300
EOF

Edit /etc/ppp/chap-secrets to insert VPN users.

FIRST_USERNAME  pptpd   PASSWORD1   *
SECOND_USERNAME pptpd   PASSWORD2   *

Restart the pptpd service.

/etc/init.d/pptpd restart

Enable Forwarding

Run this command to enable IPv4 forwarding. IPv4 forwarding must be enabled for the VPN to work properly.

sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf

Make this change permanent.

sysctl -p

Setup Routing

Create a network startup script to configure iptables.

touch /etc/network/if-pre-up.d/route

Insert content to the script:

cat >/etc/network/if-pre-up.d/route <<EOF
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 192.168.10.0/24 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT
EOF

Setup this script to be executable.

chmod +x /etc/network/if-pre-up.d/route

Run the script to apply these rules to iptables.

/etc/network/if-pre-up.d/route

Complete

Now you can connect to your own VPN server from your PC or mobile device.

Need help?

Do you need help setting up this on your own service?
Please contact us and we’ll provide you the best possible quote!