Looking for a beginner-friendly VPN setup for your Ubuntu system? You’re in the right place! Today, I’ll walk you through the easiest way to create a PPTP VPN server on Ubuntu 16.04. While PPTP might not be the most advanced option out there, its simplicity and wide compatibility make it a favorite for many.
What You’ll Learn:
- Setting up PPTP on Ubuntu 16.04
- Configuration essentials for a VPN server
- Enabling users to access the internet securely
Step 1: Initialization
First things first, let’s get started by entering the superuser mode:
sudo su
Step 2: Installing PPTP
Execute the following commands to install the pptpd package:
apt-get update && apt-get upgrade
apt-get install pptpd
Step 3: Configuration Details
Now, let’s fine-tune our configurations:
-
PPTP Configuration
Edit with:
nano /etc/pptpd.conf
Ensure it reads:
option /etc/ppp/pptpd-options
logwtmp
#internal server address which will be seen by clients
localip 192.168.6.1
#clients address pool
remoteip 192.168.6.10-210
connections 100
-
Options Configuration
Edit the pptpd-options using:
nano /etc/ppp/pptpd-options
Update its content to:
name pptpd
refuse-pap
nobsdcomp
#turn on encryption
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
novjccomp
nodefaultroute
lock
nobsdcomp
#you can enable radius connection, but it’s different story =)
#plugin radius.so
#plugin radattr.so
lcp-echo-failure 50
#you can change mtu values if required.
mtu 1400
mru 1400
-
Usernames & Passwords
Set up client usernames and passwords:
nano /etc/ppp/chap-secrets
For example:
# Secrets for authentication using CHAP
# client server secret IP addresses
test1 pptpd testtest 192.168.6.100
Step 4: Internet Access through VPN
Allow secure internet access for your users. Here’s how:
nano /etc/sysctl.conf
Add or uncomment the line:
net.ipv4.ip_forward=1
After this, perform masquerading from your VPN network to the internet. The method varies depending on which firewall you are using. I will demonstrate the process for bare iptables and for ufw.
In the first case, for pure iptables:
iptables -t nat -A POSTROUTING -s 192.168.6.0/24 -o eth0 -j MASQUERADE
Here, eth0
is your interface facing the internet, and 192.168.6.0
is the VPN network.
iptables-save > /etc/iptables.up.rules
nano /etc/network/interfaces
At the end of the file, add:
pre-up iptables-restore < /etc/iptables.up.rules
In the second case, for ufw:
nano /etc/default/ufw
Find the DEFAULT_FORWARD_POLICY
and set it to ACCEPT:
DEFAULT_FORWARD_POLICY=”ACCEPT”
Next:
nano /etc/ufw/before.rules
In this file, right after the initial comments, add:
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.6.0/24 -o eth0 -j MASQUERADE
COMMIT
To apply the new rule, execute:
ufw disable && ufw enable
Step 5: Testing & Troubleshooting
Once set up, you can attempt to connect. Remember to enable encryption and use the mschapv2 protocol for successful connections. For insights into connection processes, check logs at /var/log/syslog
.
If you want to kill all conections:
killall ppp
Setting up a simple PPTP VPN on Ubuntu 16.04 is straightforward. Follow our step-by-step guide and secure your connections today! If you found this guide helpful, consider sharing it with fellow Ubuntu enthusiasts.