PPTP Server Installation in CentOS 5

I am writing this document on how to build a Linux Point to Point Tunneling Protocol (PPTP) server using Poptop. This allows roaming users to connect to their corporate network from anywhere on the Internet securely and inexpensively. It supports Windows 95/98/Me/NT/2000/XP PPTP clients and Linux PPTP clients. The requirements are: –

CentOS 5
kernel-2.6.18-8.el5
ppp-2.4.4-1.el5

Kernel version 2.6.15 or above has MPPE built-in which is required for MSCHAPv2. CentOS 5 kernel version is 2.6.18 that means you do not need to install the MPPE module. CentOS 5 comes with ppp-2.4.4-1.el5 and it is MPPE support enabled.

1. Run the command below to test if your kernel supports MPPE and you should get a return an “ok”: –

modprobe ppp-compress-18 && echo ok

2. Download the RPM file pptpd-1.3.4-1.rhel5.1.i386.rpm from: –

http://poptop.sourceforge.net/yum/stable/packages/

3. Install the RPM by running this command: –

rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm

4. Change the following file /etc/ppp/options.pptpd as below: –

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

5. Change the following file /etc/pptpd.conf as below: –

option /etc/ppp/options.pptpd
logwtmp
localip 192.168.2.1
remoteip 192.168.2.11-15

6. Add the following username (johndie) and password (passwrd) in /etc/ppp/chap-secrets as below: –

# Secrets for authentication using CHAP
# client server secret IP addresses
johndoe pptpd passwrd *

7. Run the following command to enable the pptpd to start automatically in runlevel 3 and 5 as below: –

chkconfig --level 35 pptpd on

8. Now, you can start the pptpd service as below: –

service pptpd start

9. For pptpd to work, the packet forwarding must be enabled. Edit /etc/sysctl.conf and change the line to below: –

net.ipv4.ip_forward = 1

10. To enable it immediately, run the following command below: –

sysctl -p

If you found these helpful, please contribute to help:

About wingloon

I am Linux engineer attempting to decode my knowledge through blogging in the World Wide Web. I will share my knowledge as much as possible about Linux (what I know best) and technology in general to all my readers.