Install/Configure PPTP Client (RHEL/CentOS/Ubuntu)
-
Install PPTP Client
- Ubuntu/Debian
sudo apt-get install pptp-linux
- RHEL/CentOS/Fedora
-
Modify chap-secrets
/etc/ppp/chap-secrets
and add the below line (replacing variables)$USERNAME PPTP $PASSWORD *
-
Create a config file named
vpn.domain.com
in the directory/etc/ppp/peers
, and add (replacing variables)pty "pptp $VPN_SERVER --nolaunchpppd" name $USERNAME remotename PPTP require-mppe-128 file /etc/ppp/options.pptp ipparam vpn.domain.com
-
Register the
ppp_mppe
kernel modulesudo modprobe ppp_mppe
*Note that on a VPS, you will need to enable PPP through the VPS console.
-
Validate that the following options in
/etc/ppp/options.pptp
are not commentedlock noauth refuse-pap refuse-eap refuse-chap nobsdcomp nodeflate require-mppe-128
-
Edit
/etc/ppp/ip-up.d/route-traffic
and add the following route#!/bin/bash NET="10.0.0.0/8" #< Modify IFACE="ppp0" #< Modify #IFACE=$1 route add -net ${NET} dev ${IFACE}
-
Connect to the VPN server
-
RedHat/CentOS
sudo pppd call vpn.domain.com
-
Ubuntu/Debian
sudo pon vpn.domain.com
-
RedHat/CentOS
-
Verify that the interface is up
[root@atl-vps ppp]# ip a | grep ppp 19: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1488 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp inet 198.23.230.10 peer 10.255.254.0/32 scope global ppp0
- If the server will not start, look in
/var/log/messages
for errors frompppd
- If the server will not start, look in
sudo yum install pptp
Hey nice post, Very helpful, I believe that 6th step file name should be :
/etc/ppp/ip-up.d/route-traffic
Your wrote:
/etc/pppp/ip-up.d/route-traffic
Thanks for commenting, you are 100% correct. I have updated the article to reflect this
Hey,
My VPN connections drops after about 15 minutes or so any ideas for some scrip to
re-run pppd every 15 min….???? I am not a Linux expert by any means ….. Any idea is
appreciated…. Gary
Hi Gary,
Your connection is likely timing out. Try adding `lcp-echo-interval 6000` to your `options.pptp`. This will send an echo request every 6000 seconds to keep your connection alive. Adjust the number to suit your needs
Hi Dave,
Great tutorial, thanks…
Is it possible to define static DNS servers which are dynamically added passed to the resolv.conf when the PPTP connection is up? and are removed whenever the PPTP connection is down?
How would you test that you are infact connected to the VPN?
I would want to test the IP address being give out from the PC if connected to a website or a P2P service. I am using a headless CLI only Debian machine.
Worked. Thank you Dave. :)
Can you please help me with my problem. VPN stopped to work, it only worked for once. No reboot was. I just changed the username and password for non-test credentials.
[toolpar@dev ~]$ sudo pptp debug call vpn
anon warn[open_inetsock:pptp_callmgr.c:329]: connect: Connection refused
anon fatal[callmgr_main:pptp_callmgr.c:127]: Could not open control connection to 89.218.79.118
anon fatal[open_callmgr:pptp.c:479]: Call manager exited with error 256
anon fatal[main:pptp.c:357]: Child process died
[toolpar@dev ~]$ sudo cat /etc/ppp/peers/vpn
pty “pptp 213.157.37.116 –nolaunchpppd”
name “gatas\\emplar”
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam vpn
[toolpar@dev ~]$ sudo vim /etc/ppp/options.pptp
lock
noauth
refuse-pap
refuse-eap
refuse-chap
nobsdcomp
nodeflate
require-mppe-128
It looks like the client can’t access the VPN server in order to establish the connection. Typical cause of that problem is incorrect firewall or NAT configuration on the server, assuming the address is correct.