If you’ve been following our blog at all, you know that we are huge VPN advocates. We think that there are many benefits to using VPN. If you’ve been considering setting up a VPN for your own use, today we’ll be showing you how to do just that with your current URPad VPS.
And don’t worry! Setting up your VPN is actually fairly simple. In today’s lesson, we’ll be using the open-source PPTP client – perfect for beginners. PPTP is a straight-forward package that is easy to install and relatively simple to configure. We will also be designing this guide for use on CentOS 6, but it should be fairly easy to decipher the same information for other Linux distributions. So without any further adieu, let’s get started!
Step 1: Enable TUN and PPP on Your VPS
The first step to setting up your VPN is to enable both TUN and PPP on your own server. All you have to do here is log in to your control panel and make sure that both of these are enabled.
Step 2: Accessing the Epel Repository
Next, you will verify that your VPS (the server itself) has access to the Epel repository. If you need to add this repository, you can do so by using this easy command:
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
&& sudo rpm -Uvh epel-release-6*.rpm
Step 3: Installing PPTP
After installing the Ebel repository, your next step will be adding PPTP to your server. This is done by executing the following command:
yum install pptpd.x86_64 –y
Now for the fun part! Once you’ve installed PPTP to your server, you will need to configure the client.
Step 4: Configuring Your PPTP VPN
The first step to properly configuring your VPN is reviewing and editing your IP settings. Those can be retrieved (and edited) by going into your “/etc” folder and entering the following command:
nano.pptpd.conf
Your next step will be to add the following:
#logwtmp
option /etc/ppp/options.pptpd
localip 192.168.0.1
(This is the local VPN IP)
remoteip 192.168.0.100-200
(This is the IP range used for connections)
listen xx.xxx.x.x # eth0
(This is your public IP and network interface)
Notice that you’ll be setting the “listen” IP to be the external IP of your VPS. This is the IP that is assigned to your VPS.
Step 5: Adding Users to Your VPN
Once you’ve successfully installed and configured your PPTP VPN client, you’ll want to add users. You can find the user file in the folder, “/etc/ppp/chap-secrets”. You’d edit this file using the following command:
nano /etc/ppp/chap-secrets
Next, you set up usernames and passwords for however many users you plan to enable. This is done following this format:
User1username _____ * User1password _____ *
User2username _____ * User2password _____ *
That means that if you wanted to assign “User 1” a username of “vpn1” and a password of “Swordfish123” then your command would simply read:
vpn1 * Swordfish123 *
Step 6: Customizing User Configuration
Now that you’ve added the appropriate number of users to your VPN, your next step will be configuring some options within your “/etc/ppp/options.pptpd” file. You can do so by executing the following:
#custom settings for a simple fast pptp server
ms-dns 8.8.8.8
ms-dns 4.2.2.2
lock
name pptpd
require-mschap-v2
require-mppe-128
(Note that MPPE requires MSCHAP-V2 during authentication)
Next, you will configure the network. You do this by ediing the following line within the “/etc/systcl.conf” file:
net.ipv4.ip_forward = 1
Once this is done, you can apply your changes by running the sysctl –p
command.
Step 7: Completing Your VPN Set Up
You’re almost there!
All that’s left is to make some minor adjustments to your firewall to allow VPN access. You can do this by executing the following commands:
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
service iptables save
service iptables restart
At last, you are ready to connect to your VPN! Start your server using this command:
/etc/init.d/pptpd restart-kill && /etc/init.d/pptpd start
Now all that’s left is to enjoy your new secure network! If you’d like to have the VPN start automatically each time your VPS is rebooted, you can do so using the following command:
chkconfig pptp on
Now that your VPN is up and running, what will you use it for? Tell us about your plans in the comments below!