# Install the PPTP daemon (pptpd) and the UFW firewall front end.
# Note: PPTP's MS-CHAPv2/MPPE protection is widely regarded as weak, so treat
# this tunnel as a convenience/filtering path rather than strong confidentiality.
sudo apt-get install \
  pptpd \
  ufw
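# Firewall: open only the TCP ports this box needs, then turn UFW on.
# The protocol is stated explicitly; a bare port number opens UDP as well.

# Allow SSH first, so enabling the firewall does not cut off a remote session.
sudo ufw allow 22/tcp

# Allow the PPTP control channel (TCP 1723).
sudo ufw allow 1723/tcp

# Allow HTTP - only if you need it. If this box does not serve a website,
# leave the rule commented out.
# sudo ufw allow 80/tcp

sudo ufw enable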
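# Keep a copy of the stock pppd options before editing them.
sudo cp /etc/ppp/pptpd-options /etc/ppp/pptpd-options.original

# Comment out the refuse-pap / refuse-chap / refuse-mschap lines.
# The patterns are anchored to the start of the line so a second run does not
# produce "##refuse-pap", and text that merely mentions an option is untouched.
# NOTE(review): this stops pppd from refusing the older PAP/CHAP/MS-CHAP
# methods. Check pppd(8) for what that permits in your setup, and keep any
# require-mschap-v2 / require-mppe-128 lines in the file enabled.
sudo sed -i \
  -e 's|^refuse-pap|#refuse-pap|' \
  -e 's|^refuse-chap|#refuse-chap|' \
  -e 's|^refuse-mschap|#refuse-mschap|' \
  /etc/ppp/pptpd-options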
This sets the DNS servers that VPN users will use. The commands below configure OpenDNS FamilyShield; make sure you set the DNS servers that you prefer.
# Enable the two sample ms-dns lines and point them at the chosen resolvers
# (208.67.222.123 and 208.67.220.123, the OpenDNS FamilyShield servers per the
# accompanying text). Swap in the resolvers you prefer.
sudo sed -i \
  -e 's|#ms-dns 10.0.0.1|ms-dns 208.67.222.123|g' \
  -e 's|#ms-dns 10.0.0.2|ms-dns 208.67.220.123|g' \
  /etc/ppp/pptpd-options
If you plan to access machines on your network, the localip must be in your current network range. Otherwise, you can use the settings below and simply take advantage of the internet filtering.
# Save the stock pptpd.conf, then enable the tunnel address settings.
sudo cp /etc/pptpd.conf /etc/pptpd.conf.original

# localip is the server end of each tunnel; remoteip is the pool of addresses
# handed out to VPN clients (10.99.99.100-199 here).
sudo sed -i \
  -e 's|#localip 192.168.0.1|localip 10.99.99.99|g' \
  -e 's|#remoteip 192.168.0.234-238,192.168.0.245|remoteip 10.99.99.100-199|g' \
  /etc/pptpd.conf
This is where you set the VPN username and password. Choose your own username and a unique password rather than reusing sample values from a guide.
Format: [username] pptpd [password] *
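# Back up the existing secrets file before replacing it.
sudo cp /etc/ppp/chap-secrets /etc/ppp/chap-secrets.original

# Pick your own account name and enter the password at a prompt, so that no
# credential is copied from a published guide or left in shell history.
# (read -s is a bash feature; run this from bash.)
vpn_user="VPNUserAccess"
read -r -s -p "VPN password for ${vpn_user}: " vpn_pass
printf '\n'

if [ -n "$vpn_pass" ]; then
  # "sudo echo ... > file" fails for a non-root user because the redirection is
  # performed by the calling shell; piping into "sudo tee" writes as root.
  # Like the original ">" redirect, this replaces the file's contents.
  # Entry format: [username] pptpd [password] *
  printf '%s pptpd %s *\n' "$vpn_user" "$vpn_pass" \
    | sudo tee /etc/ppp/chap-secrets >/dev/null
  # Both files hold plaintext passwords: keep them readable by root only.
  sudo chmod 600 /etc/ppp/chap-secrets /etc/ppp/chap-secrets.original
else
  printf 'No password entered; /etc/ppp/chap-secrets left unchanged.\n' >&2
fi
unset vpn_pass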
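# Restart pptpd so the option, address and credential changes take effect.
sudo /etc/init.d/pptpd restart

# Enable IPv4 forwarding so the server can route traffic for VPN clients.
sudo cp /etc/sysctl.conf /etc/sysctl.conf.original
sudo sed -i 's|#net.ipv4.ip_forward=1|net.ipv4.ip_forward=1|g' /etc/sysctl.conf
sudo sysctl -p

# Let UFW forward packets.
# NOTE(review): ACCEPT applies to every forwarded packet, not only traffic
# from the VPN subnet. A tighter setup keeps the default at DROP and adds
# explicit forward rules for 10.99.99.0/24 - confirm what your network needs.
sudo cp /etc/default/ufw /etc/default/ufw.original
sudo sed -i 's|DEFAULT_FORWARD_POLICY="DROP"|DEFAULT_FORWARD_POLICY="ACCEPT"|g' /etc/default/ufw

# Masquerade VPN client traffic leaving through the uplink interface.
# The interface defaults to eth0; set WAN_IF if your uplink has another name
# (see "ip route").
wan_if="${WAN_IF:-eth0}"

# Insert the NAT block only once: the replacement text contains the search
# pattern, so an unguarded second run would add a duplicate *nat section.
# The backup is taken inside the guard so a re-run cannot overwrite it with an
# already-edited file. sudo is needed to read before.rules.
if ! sudo grep -qF -- "-A POSTROUTING -s 10.99.99.0/24" /etc/ufw/before.rules; then
  sudo cp /etc/ufw/before.rules /etc/ufw/before.rules.original
  sudo sed -i "s|# rules.before|# rules.before\n# NAT table rules\n*nat\n\n:POSTROUTING ACCEPT [0:0]\n# Allow forward traffic to ${wan_if}\n-A POSTROUTING -s 10.99.99.0/24 -o ${wan_if} -j MASQUERADE\n\n# Process the NAT table rules\nCOMMIT|g" /etc/ufw/before.rules
fi

# Cycle UFW so the new forward policy and NAT rules are loaded.
sudo ufw disable && sudo ufw enable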
Reference: http://silverlinux.blogspot.com/2012/05/how-to-pptp-vpn-on-ubuntu-1204-pptpd.html