Creating PPTP on Pfsense 2.2.4

If you want to build a PPTP server graphically build using pfsense nice looking interface, then please do follow the steps below. Here I assume, a proper NAT firewall is already running in the pfsense configuration.

Step-1

  1. Go to VPN > PPTP from top menu
  2. Under “Configuration” tab-
    1. PPTP redirection > Enable PPTP server
    2. Define “No of user”
    3. Server Address- type 1.2.3.4 (trust me, it works no matter whatever your WAN or LAN IP is!)
    4. Remote Address Range- <your LAN IP>
    5. PPTP DNS Server- I used- 114.130.5.5 and 8.8.8.8
    6. Place a ‘tick’ “Require 128-bit encryption”
    7. Save
    8. Continue reading “Creating PPTP on Pfsense 2.2.4” »

Share

Install VPN PPTP Server on CentOS

In this tutorial, I will use pptp as protocol to connect to VPN server using a username and password, with 128 bit MPPE encryption. Variable as below:

OS: CentOS 6 64bit
VPN server: 209.85.227.26
VPN client IP: 209.85.227.27 – 209.85.227.30
VPN username: vpnuser
Password: myVPN$99

Install ppp via yum:

$ yum install ppp -y

Download and install pptpd (the daemon for point-to-point tunneling). You can find the correct package at this website http://poptop.sourceforge.net/yum/stable/packages/ :

$ cd /usr/local/src
$ wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
$ rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

Updated rpm link-

https://lnmpp.googlecode.com/files/pptpd-1.3.4-2.el6.x86_64.rpm

Once installed, open /etc/pptpd.conf using text editor and add following line:

localip 209.85.227.26
remoteip 209.85.227.27-30

*in remoteip you can use your lan interface IP if you have dual interface.

Open /etc/ppp/options.pptpd and add authenticate method, encryption and DNS resolver value:

require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8

Lets create user to access the VPN server. Open /etc/ppp/chap-secrets and add the user as below:

vpnuser pptpd myVPN$99 *

The format is: [username] [space] [server] [space] [password] [space][IP addresses]

We need to allow IP packet forwarding for this server. Open /etc/sysctl.conf via text editor and change line below:

net.ipv4.ip_forward = 1

Run following command to take effect on the changes:

sysctl -p

Allow IP masquerading in IPtables by executing following line:

$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ service iptables save
$ service iptables restart

Update: Once you have done with step 8, check the rules at /etc/sysconfig/iptables. Make sure that the POSTROUTING rules is above any REJECT rules.

Turn on the pptpd service at startup and reboot the server:

$ chkconfig pptpd on
$ init 6

Once the server is online after reboot, you should now able to access the PPTP server from the VPN client. You can monitor /var/log/messages for ppp and pptpd related log. Cheers!

Src: http://blog.secaserver.com/2011/10/install-vpn-pptp-server-centos-6/

 

Share