Syed Jahanzaib Personal Blog to Share Knowledge !

April 13, 2015

Short Notes Series: Adding VPN (PPTP) Dialer in Linux

Filed under: Linux Related — Tags: , , , — Syed Jahanzaib / Pinochio~:) @ 12:06 PM


vpn-animationAssalam Va Alaykum,

Following are short notes on How I added VPN [pptp] client in Linux [initially in centos, later I will add commands for Ubuntu as well] to a mikrotik base pptp vpn server. Mikrotik is using default profile for vpn users. Something like this

Mikrotik Section:

PPP Default Profile …



PPP Default Profile Protocols Section …




Ok now moving to linux to add vpn client


Adding PPTP VPN Client in CENTOS 6

First install PPTP client.

yum install pptp -y

Now add the username and password inside /etc/ppp/chap-secrets file

Note: I used NANO editor as its easier, but you can use any other editor like VI or other

nano /etc/ppp/chap-secrets

Now add your USER ID and PASSWORD in following scheme …

# Secrets for authentication using CHAP
# client        server           secret                 IP addresses
test              PPTP           testpass                       *

In above example, my vpn user name is test, and password is testpass.

Save & Exit.

Now create a VPN Dialer configuration file under /etc/ppp/peers directory called testvpn  using any text editor

nano /etc/ppp/peers/testvpn

and use following format

pty "pptp --nolaunchpppd"
name test
remotename PPTP
#file /etc/ppp/options.pptp
ipparam testvpn

In above Example. Make sure to change following items > with your target vpn server IP address or name
name test > Replace TEST with your supplied vpn dialer user name

Save & Exit.



Test Dialer Connectivity …

To dial , use following command from terminal …

pppd call testvpn

In second terminal, open messages log file so you can see the log info (and error messages if any, useful in troubleshooting) …

tail -f /var/log/messages

Upon successful logon,  the messages log shoul show you something as following …

Apr 13 06:43:39 radius pppd[1441]: pppd 2.4.5 started by root, uid 0
Apr 13 06:43:39 radius pppd[1441]: Using interface ppp0
Apr 13 06:43:39 radius pppd[1441]: Connect: ppp0 <--> /dev/pts/2
Apr 13 06:43:39 radius pptp[1442]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
Apr 13 06:43:39 radius pptp[1450]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
Apr 13 06:43:39 radius pptp[1450]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
Apr 13 06:43:39 radius pptp[1450]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
Apr 13 06:43:40 radius pptp[1450]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
Apr 13 06:43:40 radius pptp[1450]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
Apr 13 06:43:40 radius pptp[1450]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 921).
Apr 13 06:43:40 radius pppd[1441]: CHAP authentication succeeded
Apr 13 06:43:40 radius pppd[1441]: MPPE 128-bit stateless compression enabled
Apr 13 06:43:41 radius pppd[1441]: local  IP address
Apr 13 06:43:41 radius pppd[1441]: remote IP address


You can also check vpn interface via

ip a | grep ppp


[root@radius ~]# ip a | grep ppp
13: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1456 qdisc pfifo_fast state UNKNOWN qlen 3
inet peer scope global ppp0

Try pinging a system in the VPN network and you should get response from other side🙂



ADDING ROUTE via pptp dialer to access remote / target destination

Khunjerab - Pass Route / Beautiful PAKISTAN :) / zaib

Khunjerab – Pass Route / Beautiful PAKISTAN🙂 / zaib


NOTE: This will not add any ROUTE information in routing table, you can add it manually or in ifup/down file, As I didn’t required any default gateway but I added just one static route to access specific server only, example:

> Edit or create following file /etc/ppp/ip-up.local

& add following entries

route add -net dev ppp0

Now assign it executable rights
chmod +x /etc/ppp/ip-up.local

Note: change to match your remote target subnet you want to access via your linux pc. This is recommended method as it works on AUTO🙂


Or if its just for one session , use following command

route add -net netmask gw dev ppp0 is the remote office server subnet, and is the virtual gateway this pc should use to access remote site.

Or if all traffic should route via this , use (not tested yet)

route add default gw ppp0

Howto Stop Dialer

To Stop dialer, you can simply kill it with

killall pppd



Howto add AUTO RE-CONNECT / RE-DIAL option

Note: To make it auto re-connect (redial) you can add following directives in your vpn configuration file (example /etc/ppp/peers/testvpn) to make it auto reconnect.

maxfail 0

maxfail 0 and persist is for the connection to reconnect and retry forever.

You can also use script and schedule it to keep check on the dialer connectivity and perform specific action like inform you  via email, or whatever you like it to trigger. If interested in script base approach, there is already a good guide for this purposes here🙂



Syed Jahanzaib


  1. How can i block applications using mikrotik i want block streaming media

    Comment by jibran — April 15, 2015 @ 12:09 PM

  2. salam janzaib,
    i wana buy dma RM CS, i just wana know in what price u will provide me and what will payment term.
    and how to talk with u provide me any contact info .
    thanks 4 all these what u doing in forum.

    Comment by rehmat ali — April 20, 2015 @ 12:15 AM

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at

%d bloggers like this: