Setup PPTP VPN Server on CentOS 6

This guide explains how to set up your own PPTP VPN on CentOS 6 by using the pptpd Daemon is available in the yum repository.

Please note that security vulnerabilities have been identified in the PPTP protocol, and it may be worth evaluating alternative VPN protocols before using PPTP.

Set up a VPN Server

Install the required packages.

yum install -y pptpd

Configure the PPTP settings. The ppp Configuration files are important for pptpd. First, configure /etc/ppp/options.pptpdas follows. If desired, you may change the DNS servers.

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp 
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4

Next, add users to the PPTP VPN service by editing /etc/ppp/chap-secrets. Change the username and passwords accordingly.

aklwebhost1  pptpd   P@$$w0rd  
aklwebhost2  pptpd   P@$$w0rd2  

Configure the pptpd daemon settings by editing /etc/pptpd.conf. Use the following example configuration. You can change the IP address ranges if needed.

option /etc/ppp/options.pptpd
logwtmp
localip 192.168.80.1
remoteip 192.168.80.101-200

Next, edit /etc/sysctl.conf to enable IP forwarding.

sed -i 's/^net.ipv4.ip_forward.*/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
sysctl -p

Configure routing with iptables.

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1723 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.80.0/24 -j MASQUERADE
service iptables save
service iptables start

Start the service.

service pptpd start

Your PPTP server setup is complete. Now you can connect to your own PPTP VPN server from your PC or mobile device.