This PPTP VPN server works with both CentOS 7 LXC and KVM.
1. Install the following packages:
yum -y install epel-release
yum -y install ppp pptpd net-tools iptables-services
2. Install nano as the text editor:
yum -y install nano
3. Create options.pptpd:
echo 'name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4' > /etc/ppp/options.pptpd
4. Create pptpd.conf:
echo 'option /etc/ppp/options.pptpd
logwtmp
localip 10.0.10.1
remoteip 10.0.10.2-254' > /etc/pptpd.conf
5. Enable IP Forwarding:
echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf
sysctl -p
6. Firewall Configuration:
systemctl stop firewalld.service
systemctl disable firewalld.service
service iptables save
service iptables stop
chkconfig iptables off
iptables -F
chmod +x /etc/rc.d/rc.local
7. Put rules in iptables:
iptables -A INPUT -p gre -j ACCEPT
iptables -A OUTPUT -p gre -j ACCEPT
iptables -A FORWARD -s 10.0.0.0/8 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables-save
8. Start PPTP service:
service pptpd start
9. Verify PPTP service:
netstat -alon | grep :1723
or
netstat -alpn | grep pptp
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN off (0.00/0/0)
10. Manage PPTP Users:
nano /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
Put your Username and Password like this (choose your own username & password):
UserName1 pptpd PassWord1 *
Once you've completed the edit, save the file by pressing CTRL + X, choose 'y', and press ENTER.
Restart the PPTP service to load the new file:
service pptpd restart
Enable PPTP service at startup:
systemctl enable pptpd.service
Your PPTP VPN server setup is now complete. You should now be able to log in to your VPN server.
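Client authentication on this server is decided by /etc/ppp/options.pptpd (step 3) and /etc/ppp/chap-secrets (step 10). The script below is an added example, not part of the original guide: it checks that the step 3 directives are present and uncommented, that chap-secrets is not readable by group or other, and that no entry keeps the sample PassWord1 or a short secret. The function names, the MIN_LEN threshold and the demo files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audits the files written in steps 3 and 10 of this guide.
MIN_LEN=12   # assumed minimum secret length; not a value from the guide

# check_options FILE: each auth/encryption directive from step 3 must be present.
check_options() {
    rc=0
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        # Drop comments, then split into words (pppd reads its options as words).
        if ! sed 's/#.*//' "$1" | tr -s ' \t' '\n' | grep -qxF -- "$opt"; then
            echo "MISSING: $opt in $1"
            rc=1
        fi
    done
    return $rc
}

# check_secrets FILE: chap-secrets stores plaintext passwords, so it must not be
# accessible to group/other and must not keep the guide's sample password.
check_secrets() {
    rc=0
    if [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]; then
        echo "PERMS: $1 is accessible to group or other (expected mode 600)"
        rc=1
    fi
    # Fields: client server secret addresses. Quoted secrets with spaces are not handled.
    for user in $(awk -v min="$MIN_LEN" 'NF >= 3 && $1 !~ /^#/ &&
            ($3 == "PassWord1" || length($3) < min) { print $1 }' "$1"); do
        echo "WEAK: secret for $user in $1"
        rc=1
    done
    return $rc
}

# Demo on constructed files (not taken from a real server).
demo=$(mktemp -d)
printf '%s\n' 'name pptpd' refuse-pap refuse-chap '#refuse-mschap' \
    require-mschap-v2 require-mppe-128 > "$demo/options.pptpd"
printf '%s\n' '# client server secret IP addresses' \
    'UserName1 pptpd PassWord1 *' 'alice pptpd k7Rw-2mQx9-Tz4vLp *' > "$demo/chap-secrets"
chmod 644 "$demo/chap-secrets"
check_options "$demo/options.pptpd" || true   # reports refuse-mschap as missing
check_secrets "$demo/chap-secrets" || true    # reports permissions and UserName1
rm -rf "$demo"
```

On the server itself, call `check_options /etc/ppp/options.pptpd` and `check_secrets /etc/ppp/chap-secrets` as root after step 10.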
