# warning: this is not script, it's a set of instructions.
#these steps create pptp vpn server so all clients can reach all others clients.
##################### SERVER SIDE (UBUNTU SERVER 16.04+) ######################
sudo apt-get install pptpd
sudo update-rc.d pptpd defaults
# I had to use this on 16.04... it fixes autostart problem:
sudo systemctl enable pptpd
#edit file "/etc/pptpd.conf": example using nano: $> sudo nano /etc/pptpd.conf
#add the following lines:
localip 10.20.0.1
remoteip 10.20.1.100-200 #100 clients
#save it
#edit file "/etc/ppp/chap-secrets": example using nano: $> sudo nano /etc/ppp/chap-secrets
#add all clients with fixed ip addresses (change user1, user2... and password1, password2,.. according to your preference):
user1 pptpd password1 10.20.1.100
user2 pptpd password2 10.20.1.101
user3 pptpd password3 10.20.1.200
:
#save it
#edit/add this line at "/etc/systl.conf":
net.ipv4.ip_forward = 1
#save change:
sudo sysctl -p
#Configure iptables for forwarding (let clients see all each other):
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.20.0.0/16 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface enp0s8 -j ACCEPT
iptables-save
#restart your service:
sudo service pptpd restart
##################### CLIENT SIDE FOR UBUNTU SERVER ######################
## Start client side (Ubuntu Server (w/o GUI)):
##
## ============================================================
## 1) Configure pptp: (Change your <vpn server address>)
## (in this example we named the provider as "pptpserver")
## ============================================================
sudo apt-get install pptp-linux
sudo nano /etc/ppp/peers/pptpserver
# add the following lines:
pty "pptp <vpn server address> --nolaunchpppd"
lock
noauth
nobsdcomp
nodeflate
name server
password 13132828
remotename pptpserver
persist
maxfail 0
holdoff 5
require-mppe-128
# and save (ctrl-o ctrl-x)
# ==================================================================
# 2) Create config file for adding route automatically when startup:
# this is necessary in order to not use vpn internet connection
# (use same name of provider, in my case "pptpserver")
# ==================================================================
sudo nano /etc/ppp/ip-up.d/pptpserver
# add the wollowings lines:
#!/bin/bash
# This script is called with the following arguments:
# Arg Name
# $1 Interface name
# $2 The tty
# $3 The link speed
# $4 Local IP number
# $5 Peer IP number
# $6 Optional ''ipparam'' value foo
/sbin/route add -net 10.20.0.0 netmask 255.255.0.0 dev ppp0
# and save (ctrl-o ctrl-x)
#... then set execute permission:
sudo chmod +x /etc/ppp/ip-up.d/pptpserver
# ============================================================
# STARTUP CONNECTION
# ============================================================
# ------------------------------------
# 1) Manual startup:
# ------------------------------------
sudo pon pptpserver
# ------------------------------------
# 2) Auto startup on boot:
# ------------------------------------
#
# a) USING INTERFACES: Edit interfaces file:
#
sudo nano /etc/network/interfaces
# add the following lines to the end:
auto tunnel
iface tunnel inet ppp
provider pptpserver
# and save (ctrl-o ctrl-x)
# then restart networking:
sudo /etc/init.d/networking restart
#
# b) USING SERVICE SYSTEMCTL
#
sudo nano /etc/systemd/system/pppoe.service
# add these lines:
[Unit]
Description=PPPoE connection
[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/usr/bin/pon pptpserver
ExecStop=/usr/bin/poff -a
[Install]
WantedBy=default.target
# and save
# then change permissions:
sudo chmod +x /etc/systemd/system/pppoe.service
# then reload daemons:
systemctl daemon-reload
# and it will connect on boot.
#start:
sudo systemctl start pppoe
#stop:
sudo systemctl stop pppoe