Install/Configure PPTP Client (RHEL/CentOS/Ubuntu)

  1. Install PPTP Client

    • Ubuntu/Debian
    • {{{
      sudo apt-get install pptp-linux
      }}}

    • RHEL/CentOS/Fedora
    • {{{
      sudo yum install pptp
      }}}

  2. Modify chap-secrets `/etc/ppp/chap-secrets` and add the below line (replacing variables)
    {{{
    $USERNAME PPTP $PASSWORD *
    }}}
  3. Create a config file named `vpn.domain.com` in the directory `/etc/ppp/peers`, and add (replacing variables)
    {{{
    pty “pptp $VPN_SERVER –nolaunchpppd”
    name $USERNAME
    remotename PPTP
    require-mppe-128
    file /etc/ppp/options.pptp
    ipparam vpn.domain.com
    }}}
  4. Register the `ppp_mppe` kernel module
    {{{
    sudo modprobe ppp_mppe
    }}}
    *//Note that on a VPS, you will need to enable PPP through the VPS console.//
  5. Validate that the following options in `/etc/ppp/options.pptp` are not commented
    {{{
    lock
    noauth
    refuse-pap
    refuse-eap
    refuse-chap
    nobsdcomp
    nodeflate
    require-mppe-128
    }}}
  6. Edit `/etc/ppp/ip-up.d/route-traffic` and add the following route
    {{{
    #!/bin/bash
    NET=”10.0.0.0/8″ #< Modify IFACE="ppp0" #< Modify #IFACE=$1 route add -net ${NET} dev ${IFACE} }}}
  7. Connect to the VPN server

    • RedHat/CentOS
      {{{
      sudo pppd call vpn.domain.com
      }}}
    • Ubuntu/Debian
      {{{
      sudo pon vpn.domain.com
      }}}
  8. Verify that the interface is up
    {{{
    [root@atl-vps ppp]# ip a | grep ppp
    19: ppp0: mtu 1488 qdisc pfifo_fast state UNKNOWN qlen 3
    link/ppp
    inet 198.23.230.10 peer 10.255.254.0/32 scope global ppp0
    }}}
    * //If the server will not start, look in `/var/log/messages` for errors from `pppd`//

Posted

in

by

Comments

9 responses to “Install/Configure PPTP Client (RHEL/CentOS/Ubuntu)”

  1. Shishir Avatar

    Hey nice post, Very helpful, I believe that 6th step file name should be :
    /etc/ppp/ip-up.d/route-traffic
    Your wrote:
    /etc/pppp/ip-up.d/route-traffic

    1. Dave Lasley Avatar

      Thanks for commenting, you are 100% correct. I have updated the article to reflect this

  2. Gary Avatar
    Gary

    Hey,
    My VPN connections drops after about 15 minutes or so any ideas for some scrip to
    re-run pppd every 15 min….???? I am not a Linux expert by any means ….. Any idea is
    appreciated…. Gary

    1. Dave Lasley Avatar

      Hi Gary,
      Your connection is likely timing out. Try adding `lcp-echo-interval 6000` to your `options.pptp`. This will send an echo request every 6000 seconds to keep your connection alive. Adjust the number to suit your needs

  3. Alex Avatar
    Alex

    Hi Dave,

    Great tutorial, thanks…
    Is it possible to define static DNS servers which are dynamically added passed to the resolv.conf when the PPTP connection is up? and are removed whenever the PPTP connection is down?

  4. Andrew Tegala Avatar

    How would you test that you are infact connected to the VPN?

    I would want to test the IP address being give out from the PC if connected to a website or a P2P service. I am using a headless CLI only Debian machine.

  5. Hari Avatar
    Hari

    Worked. Thank you Dave. :)

  6. ganskiy Avatar
    ganskiy

    Can you please help me with my problem. VPN stopped to work, it only worked for once. No reboot was. I just changed the username and password for non-test credentials.

    [toolpar@dev ~]$ sudo pptp debug call vpn
    anon warn[open_inetsock:pptp_callmgr.c:329]: connect: Connection refused
    anon fatal[callmgr_main:pptp_callmgr.c:127]: Could not open control connection to 89.218.79.118
    anon fatal[open_callmgr:pptp.c:479]: Call manager exited with error 256
    anon fatal[main:pptp.c:357]: Child process died

    [toolpar@dev ~]$ sudo cat /etc/ppp/peers/vpn
    pty “pptp 213.157.37.116 –nolaunchpppd”
    name “gatas\\emplar”
    remotename PPTP
    require-mppe-128
    file /etc/ppp/options.pptp
    ipparam vpn

    [toolpar@dev ~]$ sudo vim /etc/ppp/options.pptp
    lock
    noauth
    refuse-pap
    refuse-eap
    refuse-chap
    nobsdcomp
    nodeflate
    require-mppe-128

    1. Dave Lasley Avatar

      It looks like the client can’t access the VPN server in order to establish the connection. Typical cause of that problem is incorrect firewall or NAT configuration on the server, assuming the address is correct.

Leave a Reply

Your email address will not be published. Required fields are marked *