Install PPTP on CentOS 5
|This is an archived article or section.
This page is a legacy practice, project, or tutorial, and the information may not be up to date. See the talk page for more information about the page's status.
|This article discusses a deprecated technology or practice.
Visit the talk page for more information.
This page summarizes how to perform a basic installation of a PPTP VPN on CentOS 5. This tutorial assumes you have root/sudo access and have SELinux set to permissive or disabled.
This tutorial is geared more towards home users who have a spare system to run PPTP on. In this tutorial, Windows 7 is used for the client connecting to the VPN.
If you notice a problem with this How-To or would like to provide feedback, please email Matt.
- Install CentOS 5
GREprotocol and TCP port
1723through your firewall
Install the Server
Add the Poptop Yum Repository
Create iptables_set.sh, chmod +x iptables_set.sh, and run the script.
- Note: The following will work but you may wish to change the source address from 10.10.9.0/24 to the network range of your choosing based on your network.
#!/bin/bash /sbin/iptables -F /sbin/iptables -P INPUT DROP /sbin/iptables -P OUTPUT ACCEPT /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE /sbin/iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT /sbin/iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT /sbin/iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT /sbin/iptables -A INPUT -i eth0 -p gre -j ACCEPT /sbin/iptables -A INPUT -p icmp -j ACCEPT /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT /sbin/service iptables save /sbin/iptables -L -v
net.ipv4.ip_forward = 1
Make the changes active
Install PPTP Server
Install ppp and pptpd
yum install ppp pptpd
Configure the service to start on boot
chkconfig --levels 345 pptpd on
Configure Client Network Options
localip 10.10.11.1 remoteip 10.10.11.5-100
ms-dns 22.214.171.124 ms-dns 126.96.36.199
Configure Client Access
/etc/ppp/chap-secrets. You will need to customize the client name, secret (password), and you can either allow all IP address or limit as necessary.
# Secrets for authentication using CHAP # client server secret IP addresses mccarrms * mccarrms-password *
Start the Server
Start the pptpd service
service pptpd start
Configure the Client
Open up Network and Sharing Center, choose Set up a new connection or network, and select Connect to a workplace.
Choose Use my Internet connection (VPN) and enter in the Internet address of the PPTP server. Select Don't connect now.
Enter in the user name and password (chap secret), click Create, and click Close.
Return to Network and Sharing Center and click Change adapter settings.
Right click VPN Connection and choose Properties.
Select the Security tab, set the Type of VPN to Point to Point Tunneling Protocol (PPTP), and click OK.
Double click the VPN Connection and choose Connect.
You should now be connected to your PPTP VPN Server. Browse to http://www.whatismyip.com to verify that your traffic is going through the VPN server