This tutorial will go through the steps to install a PPTP VPN on CentOS 7 systems. A virtual private network (VPN) is a network that extends a private network (i.e. LAN) across a public network, such as the Internet. It enables communications between computers and devices across shared or public networks as if they were directly connected to the private network while benefiting from the functionality, security and management policies of the private network.

This is done by establishing a virtual point-to-point connection through dedicated connections, encryption, or a combination of the two. If two computers are connected through a VPN, they can communicate directly in the same way as if they were on the local network. Although the two computers could be physically very distant, the other computers on the internet cannot intercept their communication.

What is Point-To-Point Tunneling (PPTP)?

Point-to-Point Tunneling Protocol, or PPTP, is a VPN protocol that ensures proper communications between a VPN client and a VPN server. It also is available for CentOS Linux. Although this is a widely used protocol, it is rarely used nowadays by administrators. The reason for this is that this protocol doesn't come with encryption and authentication. 

First, install pptpd

yum install ppp iptables nano

cd /usr/local/src

For 64bit OS:


rpm -Uhvpptpd-1.4.0-1.el6.x86_64.rpm

For 32bit OS:


rpm -Uhv pptpd-1.4.0-1.el6.i686.rpm

Setup pptpd

Edit IP setttings in /etc/pptpd.conf:

nano /etc/pptpd.conf

localip # your VPS/Dedicated Server IP address 

And the following settings to /etc/ppp/options.pptpd:


Create a user to access the VPN server

Add user account in/etc/ppp/chap-secrets (assign username and password):

nano /etc/ppp/chap-secrets

vpn pptpd vpnpassword *

Enable network forwarding in /etc/sysctl.conf

nano /etc/sysctl.conf

net.ipv4.ip_forward = 1

To make the changes to sysctl.conf take effect, use the following command:

sysctl -p

Set up iptables

You need to add the following iptables rules to open the correct ports and properly forward the data packets:

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT

iptables -A INPUT -i eth0 -p gre -j ACCEPT

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Start PPTP VPN server

service pptpd restart

chkconfig pptpd on

Congratulations! You have successfully installed the PPTP VPN on CentOS 7.


We hope this tutorial helped you install PPTP VPN on CentOS 7. PPTP protocol does not come with authentication or encryption. Therefore, most administrators avoid using that. But it is very straightforward in CentOS distribution. Usually, the PPTP protocol is used to provide similar levels of protection, security, and remote access as typical VPN products. For an added layer of security, you can use the PPTP control channel over the TCP and a GRE  tunnel to enclose the PPP packets and give them more security and protection. 

People also read: