Setup PPTP VPN Server on CentOS 6

Last Updated: Thu, Mar 19, 2015
CentOS Linux Guides Networking
Archived content

This article is outdated and may not work correctly for current operating systems or software.

This guide explains how to setup your own PPTP VPN on CentOS 6 by using the pptpd daemon available in the yum repository.

Please note that security vulnerabilities have been found in the PPTP protocol and it may be worth evaluating other VPN protocols before utilizing PPTP.

Setup VPN server

Install the required packages.

yum install -y pptpd

Configure the PPTP settings. The "ppp" configuration files are important for pptpd. First, configure /etc/ppp/options.pptpd, as follows. If desired, you may change the DNS servers.

name pptpd

refuse-pap

refuse-chap

refuse-mschap

require-mschap-v2

require-mppe-128

proxyarp

lock

nobsdcomp 

novj

novjccomp

nologfd

ms-dns 8.8.8.8

ms-dns 8.8.4.4

Next, add users to the PPTP VPN service by editing /etc/ppp/chap-secrets. Change the username and passwords accordingly.

vultr1  pptpd   P@$$w0rd  *

vultr2  pptpd   P@$$w0rd2  *

Configure the pptpd daemon settings by editing /etc/pptpd.conf. Use the following example configuration. You can change the IP address ranges if needed.

option /etc/ppp/options.pptpd

logwtmp

localip 192.168.80.1

remoteip 192.168.80.101-200

Next, edit /etc/sysctl.conf to enable IP forwarding.

sed -i 's/^net.ipv4.ip_forward.*/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf

sysctl -p

Configure routing with iptables.

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1723 -j ACCEPT

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.80.0/24 -j MASQUERADE

service iptables save

service iptables start

Start the service.

service pptpd start

Your PPTP server setup is complete. Now you can connect to your own PPTP VPN server from your PC or mobile device.

Want to contribute?

You could earn up to $600 by adding new articles.