Set up a PPTP server:

Recently I have been wanting to connect to my home network from anywhere in the world. I want to connect back home via whichever device I have on me at the time. This could be my OS X, Windows 7 or Linux laptop, iPad, iPhone or Android device. I was originally thinking of setting up OpenVPN, as this was the easiest to set up, but decided against it, as there are clients for Windows, Android, Linux and OS X but not for iOS devices. So I had to look for other virtual private network software. I was looking at setting up an IPsec/L2TP server, but decided against this for the moment, as it will take some time to set up and debug. This left me with PPTP. This protocol is common to all devices and needs no extra client installed for it to run.

The following steps will show you how to set up a PPTP server.

Ubuntu 10.04

# apt-get install ppp pptpd pptp-linux

Enable port 22 in your firewall so that you can ssh back into the machine in an emergency. Here is the command to allow ssh through. You also need to edit your permanent firewall rules for this to work after a reboot.

# /sbin/iptables -A INPUT --protocol tcp --dport 22 -j ACCEPT

Enable port 1723 in your firewall so that the PPTP protocol can work on your system.

# /sbin/iptables -A INPUT --protocol tcp --dport 1723 -j ACCEPT
# /sbin/iptables -A INPUT --protocol udp --dport 1723 -j ACCEPT

Now we modify the /etc/pptpd.conf file. Look for the lines below in your file and modify them. These lines represent the IP addresses the VPN connections can have on your local network.

localip 192.168.0.1
remoteip 192.168.0.241-255

The localip is the IP of the internal NIC behind the WAN port. This IP address is the IP of the PPTP server. The remoteip entries are the IPs allocated by the PPTP process when you make a connection. I have allocated 15 IPs. This allows me to have 15 devices connected to the server. I probably only need two IPs allocated.

Now we modify /etc/ppp/pptpd.options. Edit the ms-dns entries to reflect the domain name servers your network uses. An example is below.

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Also modify your /etc/sysctl.conf file:

net.ipv4.ip_forward=1

Now we need to reload the system controls. The alternative to the command below is restarting the machine.

# sysctl -p

You now need to add users to the system so that you can log in to the PPTP server. To do this, modify the /etc/ppp/chap-secrets file.

username <TAB> * <TAB> user-password <TAB> *

You now need to restart the pptpd daemon for all the changes to take effect.

# /etc/init.d/pptpd restart
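
An added example, not part of the original post: a shell check over the two files edited above. It counts the addresses in the remoteip range and flags a chap-secrets file that is not mode 600 (it holds the passwords in clear text), plus entries with a short secret or a `*` in the address field. The function names, the 12-character minimum and the sample users are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Sample files below are constructed.

# Number of client addresses offered by the "remoteip" line in pptpd.conf.
# Assumes the single-range form used above, e.g. 192.168.0.241-255.
remoteip_count() {
    awk '$1 == "remoteip" {
        split($2, oct, ".")                  # oct[4] is "241-255" or "241"
        n = split(oct[4], r, "-")
        print (n == 2 ? r[2] - r[1] + 1 : 1)
    }' "$1"
}

# One finding per line for a chap-secrets file.
# Field order: client, server, secret, acceptable IP addresses.
# Assumes secrets contain no whitespace; minimum length defaults to 12.
audit_chap_secrets() {
    file=$1
    minlen=${2:-12}
    perms=$(ls -ld "$file" | cut -c1-10)
    [ "$perms" = "-rw-------" ] || echo "MODE $perms (expected -rw-------)"
    awk -v min="$minlen" '
        NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
        length($3) < min     { print "SHORT " $1 }
        $4 == "*"            { print "ANYIP " $1 }
    ' "$file"
}

# Constructed sample files, written to a temporary directory.
demo_dir=$(mktemp -d)
printf 'localip 192.168.0.1\nremoteip 192.168.0.241-255\n' > "$demo_dir/pptpd.conf"
printf '# client\tserver\tsecret\tIP addresses\n' > "$demo_dir/chap-secrets"
printf 'alice\t*\thunter2\t*\n' >> "$demo_dir/chap-secrets"
printf 'bob\t*\tc0rrect-h0rse-battery\t192.168.0.242\n' >> "$demo_dir/chap-secrets"
chmod 644 "$demo_dir/chap-secrets"

echo "addresses in pool: $(remoteip_count "$demo_dir/pptpd.conf")"
audit_chap_secrets "$demo_dir/chap-secrets"
```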