Creating PPTP on Pfsense 2.2.4

If you want to build a PPTP server graphically build using pfsense nice looking interface, then please do follow the steps below. Here I assume, a proper NAT firewall is already running in the pfsense configuration.


  1. Go to VPN > PPTP from top menu
  2. Under “Configuration” tab-
    1. PPTP redirection > Enable PPTP server
    2. Define “No of user”
    3. Server Address- type (trust me, it works no matter whatever your WAN or LAN IP is!)
    4. Remote Address Range- <your LAN IP>
    5. PPTP DNS Server- I used- and
    6. Place a ‘tick’ “Require 128-bit encryption”
    7. Save
    8. Continue reading “Creating PPTP on Pfsense 2.2.4” »


Install VPN PPTP Server on CentOS

In this tutorial, I will use pptp as protocol to connect to VPN server using a username and password, with 128 bit MPPE encryption. Variable as below:

OS: CentOS 6 64bit
VPN server:
VPN client IP: –
VPN username: vpnuser
Password: myVPN$99

Install ppp via yum:

$ yum install ppp -y

Download and install pptpd (the daemon for point-to-point tunneling). You can find the correct package at this website :

$ cd /usr/local/src
$ wget
$ rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

Updated rpm link-

Once installed, open /etc/pptpd.conf using text editor and add following line:


*in remoteip you can use your lan interface IP if you have dual interface.

Open /etc/ppp/options.pptpd and add authenticate method, encryption and DNS resolver value:


Lets create user to access the VPN server. Open /etc/ppp/chap-secrets and add the user as below:

vpnuser pptpd myVPN$99 *

The format is: [username] [space] [server] [space] [password] [space][IP addresses]

We need to allow IP packet forwarding for this server. Open /etc/sysctl.conf via text editor and change line below:

net.ipv4.ip_forward = 1

Run following command to take effect on the changes:

sysctl -p

Allow IP masquerading in IPtables by executing following line:

$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ service iptables save
$ service iptables restart

Update: Once you have done with step 8, check the rules at /etc/sysconfig/iptables. Make sure that the POSTROUTING rules is above any REJECT rules.

Turn on the pptpd service at startup and reboot the server:

$ chkconfig pptpd on
$ init 6

Once the server is online after reboot, you should now able to access the PPTP server from the VPN client. You can monitor /var/log/messages for ppp and pptpd related log. Cheers!