User Tools

Site Tools



= pptpd : VPN Server = Scenario: I want to install a VPN server on a linux server which is connected to both a Private Lan, and to the Internet. I want to be able to allow Windows and Linux clients easily connect to this VPN with no hassle. We are going to use pptpd on debian, as it is on apt, and Windows clients can easily connect.

Install pptpd Server

apt-get install pptpd

Configure pptpd Server

vi /etc/pptpd.conf localip remoteip,

/etc/init.d/pptpd restart

Add Users

echo “username pptpd password *” » /etc/ppp/chap-secrets

To get Windows to connect to this VPN, no extra software is required :) Go into Network places, and go to “Add Network Connection” and look for a VPN option. All thats needed is the Internet IP of the VPN server, the username and password.


tail /var/log/daemon.log

More Info

Thanks very much to: <br>Comparison of VPN Solutions:


PPTP (Point-to-Point Tunneling Protocol) - Connecting to a Windows VPN from Linux

The following guide shows how easy it is to connect to a Windows based VPN running on Server 2003 etc. from a Debian Linux client. Its pretty easy to setup a new Network Connection in XP/Vista, however it is just as easy in Linux. This guide assumes that Debian Etch is been used as a client.

Install pptp

apt-get install pptp-linux

Method 1: pptp GUI

vi /etc/apt/sources.list

#include these three lines in the above file. # James Cameron's PPTP GUI packaging deb ./

apt-get update apt-get install pptpconfig

#Run the following as root (via a GUI). Not the best idea. A sudo command would be a little better. :~# pptpconfig The above shows up a nice interface which should work fine. A few tweaks, I had to carry out:

  • Routing Tab - Lan to Lan (option)
  • In the same Routing Tab, click “Edit Network Routes…” and add a Network ( and a Name.

Method 2: pptp CLI

1. /etc/ppp/options.pptp should be created automatically and contain all required info.

2. vi /etc/ppp/chap-secrets username TunnelName password *

3. vi /etc/ppp/peers/TunnelName # name of tunnel, used to select lines in secrets files remotename TunnelName

# name of tunnel, used to name /var/run pid file linkname TunnelName

# name of tunnel, passed to ip-up scripts ipparam TunnelName

# data stream for pppd to use pty “pptp –nolaunchpppd ”

# domain and username, used to select lines in secrets files name username

# adopt defaults from the pptp-linux package file /etc/ppp/options.pptp

4. pon TunnelName #do an ifconfig to see if the connection was correctly made and established. If not, see next line for debugging: pon TunnelName debug dump logfd 2 nodetach

5. route add -net netmask dev ppp0 iptables –insert OUTPUT 1 –source –destination –jump ACCEPT –out-interface ppp0 iptables –insert INPUT 1 –source –destination –jump ACCEPT –in-interface ppp0 iptables –insert FORWARD 1 –source –destination –jump ACCEPT –out-interface ppp0 iptables –insert FORWARD 1 –source –destination –jump ACCEPT iptables –table nat –append POSTROUTING –out-interface ppp0 –jump MASQUERADE iptables –append FORWARD –protocol tcp –tcp-flags SYN,RST SYN –jump TCPMSS –clamp-mss-to-pmtu

6. poff TunnelName #route automatically gets removed

7. #iptables -F (dangerous)

8. Optional Extra /etc/resolve.conf → set this to the internal DNS server

The above information was obtained from:<br> <br>

Information and code was also obtained from firstly going through the GUI method.

Other Information

In case you want to mount a windows share on linux, smbmount maynot work due to SMB password security restrictions of Server 2003. Instead the following will have to be used: mount -t cifs //yoursever/yourshare /mnt/somepath -o username=validserveraccount


Note: Beware that the passwords for connecting to the VPN are stored in: /etc/ppp/chap-secrets

pptp_-_vpn.txt · Last modified: 2022/07/19 21:13 by