Linux/Ubuntu: How to setup pptp vpn server

PHOTO EMBED

Mon Aug 29 2022 13:48:11 GMT+0000 (UTC)

Saved by @marcopinero #bash

# warning: this is not script, it's a set of instructions.
#these steps create pptp vpn server so all clients can reach all others clients.

##################### SERVER SIDE (UBUNTU SERVER 16.04+) ######################

sudo apt-get install pptpd
sudo update-rc.d pptpd defaults

# I had to use this on 16.04... it fixes autostart problem:
sudo systemctl enable pptpd 

#edit file "/etc/pptpd.conf": example using nano: $> sudo nano /etc/pptpd.conf
#add the following lines:
    
    localip 10.20.0.1
    remoteip 10.20.1.100-200 #100 clients
#save it
        
#edit file "/etc/ppp/chap-secrets": example using nano: $> sudo nano /etc/ppp/chap-secrets
#add all clients with fixed ip addresses (change user1, user2... and password1, password2,.. according to your preference):

    user1 pptpd password1 10.20.1.100 
    user2 pptpd password2 10.20.1.101
    user3 pptpd password3 10.20.1.200
    :
#save it

#edit/add this line at "/etc/systl.conf":
    net.ipv4.ip_forward = 1
#save change:
sudo sysctl -p

#Configure iptables for forwarding (let clients see all each other):

iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.20.0.0/16 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface enp0s8 -j ACCEPT
iptables-save

#restart your service:

sudo service pptpd restart


##################### CLIENT SIDE FOR UBUNTU SERVER ######################

## Start client side (Ubuntu Server (w/o GUI)):
##
## ============================================================
## 1) Configure pptp: (Change your <vpn server address>)
##   (in this example we named the provider as "pptpserver")
## ============================================================

sudo apt-get install pptp-linux

sudo nano /etc/ppp/peers/pptpserver

# add the following lines:

pty "pptp <vpn server address> --nolaunchpppd"
lock
noauth
nobsdcomp
nodeflate
name server
password 13132828
remotename pptpserver
persist
maxfail 0
holdoff 5
require-mppe-128

# and save (ctrl-o ctrl-x)

# ==================================================================
# 2) Create config file for adding route automatically when startup:
#    this is necessary in order to not use vpn internet connection
#    (use same name of provider, in my case "pptpserver")
# ==================================================================

sudo nano /etc/ppp/ip-up.d/pptpserver

# add the wollowings lines:

#!/bin/bash
# This script is called with the following arguments:
# Arg Name
# $1 Interface name
# $2 The tty
# $3 The link speed
# $4 Local IP number
# $5 Peer IP number
# $6 Optional ''ipparam'' value foo
/sbin/route add -net 10.20.0.0 netmask 255.255.0.0 dev ppp0


# and save (ctrl-o ctrl-x)
#... then set execute permission:

sudo chmod +x /etc/ppp/ip-up.d/pptpserver

# ============================================================
#   STARTUP CONNECTION
# ============================================================

# ------------------------------------
# 1) Manual startup:
# ------------------------------------

sudo pon pptpserver

# ------------------------------------
# 2) Auto startup on boot:
# ------------------------------------

#
# a) USING INTERFACES: Edit interfaces file:
#

sudo nano /etc/network/interfaces

# add the following lines to the end:

auto tunnel
iface tunnel inet ppp
  provider pptpserver

# and save (ctrl-o ctrl-x)
# then restart networking:

sudo /etc/init.d/networking restart

#
# b) USING SERVICE SYSTEMCTL
#

sudo nano /etc/systemd/system/pppoe.service

# add these lines:

[Unit]
Description=PPPoE connection
 
[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/usr/bin/pon pptpserver
ExecStop=/usr/bin/poff -a
 
[Install]
WantedBy=default.target

# and save
# then change permissions:

sudo chmod +x /etc/systemd/system/pppoe.service

# then reload daemons:

systemctl daemon-reload

# and it will connect on boot.

#start:
sudo systemctl start pppoe

#stop:
sudo systemctl stop pppoe
content_copyCOPY