Setup PPTP on CentOS 7

Install PPTP VPN Server on your CentOS 7 OS VPS

This PPTP VPN server works with both Centos 7 LXC and KVM

 

Start with installing the below packages:

yum -y install epel-release

yum -y install ppp pptpd net-tools iptables-services


To edit the files we use nano as text-editor:

yum -y install nano

 

 

Create options.pptpd
Copy and paste the below text in cli, and  hit ENTER, to create options.pptpd:

echo 'name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4' > /etc/ppp/options.pptpd

 

 

Create pptpd.conf
Copy and paste the below text in cli, and hit ENTER, to create pptpd.conf

echo 'option /etc/ppp/options.pptpd
logwtmp
localip 10.0.10.1
remoteip 10.0.10.2-254' > /etc/pptpd.conf

 

 

Enabling IP Forwarding

echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf

To verify run the following command.

sysctl -p

You will get output similar to:

net.ipv4.ip_forward = 1

 

 

Firewall Configuration
Run the following commands:

systemctl stop firewalld.service

systemctl disable firewalld.service

service iptables save

service iptables stop

chkconfig iptables off

iptables -F

chmod +x /etc/rc.d/rc.local

 

 

Put rules in iptables

iptables -A INPUT -p gre -j ACCEPT

iptables -A OUTPUT -p gre -j ACCEPT

iptables -A FORWARD -s 10.0.0.0/8 -j ACCEPT

iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT

Save the rules

iptables-save

 

 

Start PPTP service:

service pptpd start

 

Make sure it is listening on the right port, type:

netstat -alon | grep :1723

or 

netstat -alpn | grep pptp

 

Output should be similar to this:
tcp        0      0 0.0.0.0:1723            0.0.0.0:*               LISTEN      off (0.00/0/0)

 

 

PPTP Users

You can add, edit and remove users through chap-secrets file.

nano /etc/ppp/chap-secrets

 

You will get output similar to this:

Secrets for authentication using CHAP

# client        server  secret                  IP addresses

 

Put your Username and Password like this(choose your own username & password):

UserName1 pptpd PassWord1 *

 

UserName1 is username, while PassWord1 is password, you can edit it accordingly, the asterisk * means that any IP address can use that login information

 

Once you completed the edit, save the file by pressing CTRL + X keyboard shortcut, choose y and press ENTER.

Restart the PPTP, so the new file is loaded.

service pptpd restart

 

Enable at startup

systemctl enable pptpd.service

 

 

Your PPTP VPN server setup is now complete. You should now be able to login to your VPN server.

 

  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

Enable Tun/Tap

SSH into your LXC container. You will have to add a few lines to the linux boot file so that it...

Setup WireGuard VPN Server and Client (KVM)

1. Install WireGuard on the VPN server   - Ubuntu ≥ 19.10 #sudo apt install wireguard...