Ubuntu – PPTPD VPN Install & Configure

# Install PPTPD VPN & UFW Firewall
sudo apt-get install pptpd ufw
# Allow SSH
sudo ufw allow 22

# Allow PPTP VPN
sudo ufw allow 1723

# Allow HTTP - Only if you need it (If you don't run a website from the box don't add this)
sudo ufw allow 80

sudo ufw enable

# Back up the pppd options file, then comment out the refuse-pap, refuse-chap and refuse-mschap lines
sudo cp /etc/ppp/pptpd-options /etc/ppp/pptpd-options.original
sudo sed -i 's|refuse-pap|#refuse-pap|g' /etc/ppp/pptpd-options
sudo sed -i 's|refuse-chap|#refuse-chap|g' /etc/ppp/pptpd-options
sudo sed -i 's|refuse-mschap|#refuse-mschap|g' /etc/ppp/pptpd-options

This sets the DNS servers that VPN users will use. The lines below configure OpenDNS Family Shield; make sure you set the DNS servers that you prefer.

sudo sed -i 's|#ms-dns 10.0.0.1|ms-dns 208.67.222.123|g' /etc/ppp/pptpd-options
sudo sed -i 's|#ms-dns 10.0.0.2|ms-dns 208.67.220.123|g' /etc/ppp/pptpd-options

If you plan to access machines on your network, the localip needs to be in your current network range. Otherwise you can use the values below and simply take advantage of the internet filtering.

sudo cp /etc/pptpd.conf /etc/pptpd.conf.original
sudo sed -i 's|#localip 192.168.0.1|localip 10.99.99.99|g' /etc/pptpd.conf
sudo sed -i 's|#remoteip 192.168.0.234-238,192.168.0.245|remoteip 10.99.99.100-199|g' /etc/pptpd.conf

This is where you need to set a VPN username and password
Format: [username] pptpd [password] *

sudo cp /etc/ppp/chap-secrets /etc/ppp/chap-secrets.original
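# The redirect must run as root, so pipe through "sudo tee" ("sudo echo ... > file" redirects as the calling user)
echo "VPNUserAccess pptpd vsE2bcZ6CqHANU7zH8M7C9qL8kmL9sL9 *" | sudo tee /etc/ppp/chap-secrets > /dev/null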
sudo /etc/init.d/pptpd restart

# Enable IPv4 forwarding so VPN traffic can be routed
sudo cp /etc/sysctl.conf /etc/sysctl.conf.original
sudo sed -i 's|#net.ipv4.ip_forward=1|net.ipv4.ip_forward=1|g' /etc/sysctl.conf
sudo sysctl -p

# Change the UFW default forward policy from DROP to ACCEPT
sudo cp /etc/default/ufw /etc/default/ufw.original
sudo sed -i 's|DEFAULT_FORWARD_POLICY="DROP"|DEFAULT_FORWARD_POLICY="ACCEPT"|g' /etc/default/ufw

# Add a NAT (masquerade) rule for the VPN subnet to the top of the UFW before.rules file
sudo cp /etc/ufw/before.rules /etc/ufw/before.rules.original
sudo sed -i 's|# rules.before|# rules.before\n# NAT table rules\n*nat\n\n:POSTROUTING ACCEPT [0:0]\n# Allow forward traffic to eth0\n-A POSTROUTING -s 10.99.99.0/24 -o eth0 -j MASQUERADE\n\n# Process the NAT table rules\nCOMMIT|g' /etc/ufw/before.rules

# Reload UFW so the new rules take effect
sudo ufw disable && sudo ufw enable
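
The script below is an added example, not part of the original post: a read-only audit of the files edited above, reporting which pppd refuse-/require- authentication options are active, whether chap-secrets (which holds the password in plain text) is accessible beyond its owner, and the UFW forward policy. The function names, the sample file contents and the placeholder account are constructed for illustration; pass the three real file paths as arguments to check a live box.

```shell
#!/bin/sh
# Added example: read-only audit. Usage: sh audit.sh [OPTIONS SECRETS UFW_DEFAULTS]
# Without arguments it runs on the constructed samples built by make_sample.

# Active (non-comment, non-blank) lines of a config file.
active_lines() { grep -Ev '^[[:space:]]*(#|$)' "$1"; }

# Print "option=on" or "option=off" for each pppd authentication option.
auth_state() {
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        if active_lines "$1" | grep -Eq "^[[:space:]]*$opt([[:space:]]|\$)"; then
            echo "$opt=on"
        else
            echo "$opt=off"
        fi
    done
}

# Space-separated require-* options that are NOT active; empty when all are set.
missing_requirements() { auth_state "$1" | sed -n 's/^\(require-.*\)=off$/\1/p' | xargs; }

# Succeeds when group or other holds any permission bit on the file.
secrets_exposed() { [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]; }

# Value of DEFAULT_FORWARD_POLICY in a ufw defaults file, quotes stripped.
forward_policy() {
    active_lines "$1" | sed -n 's/^DEFAULT_FORWARD_POLICY="\{0,1\}\([A-Z]*\)"\{0,1\}.*/\1/p'
}

# Constructed sample files (placeholder account, not the page's credentials).
make_sample() {
    d=$(mktemp -d)
    printf '%s\n' 'name pptpd' '#refuse-pap' '#refuse-chap' '#refuse-mschap' \
        'require-mschap-v2' 'require-mppe-128' > "$d/pptpd-options"
    printf '%s\n' 'exampleuser pptpd CONSTRUCTED-SECRET *' > "$d/chap-secrets"
    chmod 644 "$d/chap-secrets"   # deliberately loose so the permission check fires
    printf '%s\n' 'DEFAULT_FORWARD_POLICY="ACCEPT"' > "$d/ufw"
    echo "$d"
}

if [ -r "${1:-}" ] && [ -r "${2:-}" ] && [ -r "${3:-}" ]; then
    opts=$1; secrets=$2; ufw=$3
else
    s=$(make_sample); opts=$s/pptpd-options; secrets=$s/chap-secrets; ufw=$s/ufw
fi
auth_state "$opts"
echo "required options missing: $(missing_requirements "$opts")"
echo "forward policy: $(forward_policy "$ufw")"
if secrets_exposed "$secrets"; then echo "chap-secrets is accessible beyond its owner"; fi
```

On a live system the arguments would be /etc/ppp/pptpd-options, /etc/ppp/chap-secrets and /etc/default/ufw, read with sudo since chap-secrets is normally root-only.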

Reference: http://silverlinux.blogspot.com/2012/05/how-to-pptp-vpn-on-ubuntu-1204-pptpd.html
