This tutorial will go through the steps to install a PPTP VPN on CentOS 7 systems. A virtual private network (VPN) is a network that extends a private network (i.e. LAN) across a public network, such as the Internet. It enables communications between computers and devices across shared or public networks as if they were directly connected to the private network while benefiting from the functionality, security and management policies of the private network.
This is done by establishing a virtual point-to-point connection through dedicated connections, encryption, or a combination of the two. If two computers are connected through a VPN, they can communicate directly in the same way as if they were on the local network. Although the two computers could be physically very distant, the other computers on the internet cannot intercept their communication.
What is Point-To-Point Tunneling (PPTP)?
Point-to-Point Tunneling Protocol, or PPTP, is a VPN protocol that ensures proper communications between a VPN client and a VPN server. It is also available for CentOS Linux. Although this protocol has been widely used, administrators rarely use it nowadays, because the protocol doesn't come with encryption and authentication.
First, install pptpd
yum install ppp iptables nano
cd /usr/local/src
For 64bit OS:
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm
rpm -Uhv pptpd-1.4.0-1.el6.x86_64.rpm
For 32bit OS:
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.i686.rpm
rpm -Uhv pptpd-1.4.0-1.el6.i686.rpm
Setup pptpd
Edit IP settings in /etc/pptpd.conf:
nano /etc/pptpd.conf
# your VPS/Dedicated Server IP address
localip 192.168.0.1
remoteip 192.168.0.101-200
Add the following settings to /etc/ppp/options.pptpd:
ms-dns 8.8.8.8
ms-dns 4.4.4.4
Create a user to access the VPN server
Add a user account in /etc/ppp/chap-secrets (assign username and password):
nano /etc/ppp/chap-secrets
vpn pptpd vpnpassword *
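The chap-secrets file stores each account as `client server secret IP` in plaintext, so it is worth checking before the server goes live. The following is an added example, not part of the original tutorial: the function name `audit_chap_secrets`, the 16-character minimum (`MIN_LEN`) and the finding labels are assumptions of this example, and it assumes GNU `stat` and secrets without embedded whitespace.

```bash
#!/usr/bin/env bash
# Added example: audit a pppd chap-secrets file (fields: client server secret IP).
# MIN_LEN is an assumed policy value; secrets are assumed to contain no whitespace.
MIN_LEN=${MIN_LEN:-16}

audit_chap_secrets() {
    local file=$1 mode client server secret ip rest n=0 bad=0
    [ -r "$file" ] || { echo "ERROR cannot read $file"; return 2; }

    # Secrets are stored in plaintext, so only root should be able to read them.
    mode=$(stat -c '%a' "$file")
    if [ "$mode" != "600" ]; then
        echo "PERM mode $mode on $file, expected 600"; bad=$((bad + 1))
    fi

    while read -r client server secret ip rest || [ -n "$client" ]; do
        n=$((n + 1))
        case $client in ''|'#'*) continue ;; esac    # blank line or comment
        secret=${secret#\"}; secret=${secret%\"}     # drop surrounding quotes

        # The tutorial's sample password must never reach a production server.
        if [ "$secret" = "vpnpassword" ]; then
            echo "DEFAULT line $n: user '$client' uses the tutorial password"; bad=$((bad + 1))
        elif [ "${#secret}" -lt "$MIN_LEN" ]; then
            echo "WEAK line $n: user '$client' secret is shorter than $MIN_LEN characters"; bad=$((bad + 1))
        fi
        # '*' as server lets the same secret authenticate to any pppd service.
        if [ "$server" = "*" ]; then
            echo "SCOPE line $n: user '$client' is not bound to a server name"; bad=$((bad + 1))
        fi
        # '*' as address lets the client take any tunnel address; a fixed address
        # per user makes per-user firewall rules and log attribution possible.
        if [ "$ip" = "*" ]; then
            echo "ANYIP line $n: user '$client' may use any address"; bad=$((bad + 1))
        fi
    done < "$file"

    [ "$bad" -eq 0 ]    # exit status 0 only when nothing was flagged
}

# Usage on the server: audit_chap_secrets /etc/ppp/chap-secrets
```

Each finding is printed on its own line, and the function returns non-zero when anything was flagged, so it can gate a deployment script.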
Enable network forwarding in /etc/sysctl.conf
nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
To make the changes to sysctl.conf take effect, use the following command:
sysctl -p
Set up iptables
You need to add the following iptables rules to open the correct ports and properly forward the data packets:
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Start PPTP VPN server
service pptpd restart
chkconfig pptpd on
Congratulations! You have successfully installed the PPTP VPN on CentOS 7.
Conclusions
We hope this tutorial helped you install a PPTP VPN on CentOS 7. The PPTP protocol does not come with authentication or encryption, so most administrators avoid using it, but it is very straightforward to set up on CentOS. Usually, the PPTP protocol is used to provide similar levels of protection, security, and remote access as typical VPN products. For an added layer of security, you can use the PPTP control channel over TCP and a GRE tunnel to enclose the PPP packets and give them more security and protection.