Syed Jahanzaib Personal Blog to Share Knowledge !

September 27, 2016

Howto add Simple VPN (PPTP) Server in Ubuntu

Filed under: Linux Related — Tags: , , — Syed Jahanzaib / Pinochio~:) @ 9:41 AM

VPN (PPTP) Server in Ubuntu


This post contains short notes on HOW-TO add simple pptp based VPN server in Ubuntu. It it useful in many scenarios example if you have Linux server in the office, and want to connect to it from anywhere in the world. OR you can use it in a situation where you want your billing server to act like a centralized billing system for all the remote locations NASES.

Ideally you should have static Public IP on this vpn server, but you can bypass this requirement by adding an DDNS name as well as a workaround like changeip.com. I remember that I did similar configuration at some philippine network and one at cloud.

 

Components Used:

OS = Ubuntu 12.4 on Cloud with static Public IP address
Clients = Windows 7 / Mikrotik Routerboards

Let’s Start…


Install PPTPD Package

Install PPTPD package in ubuntu by issuing following command

sudo apt-get -y install pptpd

Now Issue following to add vpn server options like local/remote ip addresses. I used echo command to directly insert text/data into the config files rather than editing by nano/vim. use whatever is easier for you.

# This will be the virtual ip of the vpn server
echo "localip 192.168.10.1" >> /etc/pptpd.conf

# Remote vpn client will get IP from this ip pool range
echo "remoteip 192.168.10.10-20" >> /etc/pptpd.conf

#This is to provide DNS , but in this example I really dont need natting for remote vpn client, 
#as remote mikrotik will sue this server for radius autehnticaiton only, not as there default gateway 🙂
echo "ms-dns 8.8.8.8" >> /etc/pptpd.conf 

Add a TEST account for client in /etc/ppp/chap-secrets

echo "zaibid pptpd zaibpassword *" >> /etc/ppp/chap-secrets

Description:
zaibid = username for remote vpn client
pptpd = service type
zaibpassword = Password for remote vpn client
* = any ip from the pool, if you want to provide same ip to client every time, add ip like 192.168.1.1


TIP:
To Assign static ip to any remote vpn client

To assign static ip to remove vpn client, you can use following

zaibid pptpd zaibpassword 192.168.100.25

Finally restart pptpd service …

/etc/init.d/pptpd restart

Make sure the service is started

service pptpd status

or

ps aux |grep pptpd

If you see it’s running, our Server End is probably OK.


VPN CLIENT in WINDOWS 7

Create a VPN dialer in Windows

Snapshots just for reference …

windows-7-vpn-client


VPN (pptp) CLIENT in Mikrotik RouterOS

vpn-connected-from-mikrotik-client


VPN Server Log Window.

(You can enable log in by uncomment word #debug in /etc/pptpd.conf)

Sep 27 04:15:22 radius pptpd[7582]: MGR: Launching /usr/sbin/pptpctrl to handle client
Sep 27 04:15:22 radius pptpd[7582]: CTRL: local address = 192.168.0.1
Sep 27 04:15:22 radius pptpd[7582]: CTRL: remote address = 192.168.0.234
Sep 27 04:15:22 radius pptpd[7582]: CTRL: pppd options file = /etc/ppp/pptpd-options
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Client X.X.X.X control connection started
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Received PPTP Control Message (type: 1)
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Made a START CTRL CONN RPLY packet
Sep 27 04:15:22 radius pptpd[7582]: CTRL: I wrote 156 bytes to the client.
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Sent packet to client
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Received PPTP Control Message (type: 7)
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Set parameters to 10000000 maxbps, 100 window size
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Made a OUT CALL RPLY packet
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Starting call (launching pppd, opening GRE)
Sep 27 04:15:22 radius pptpd[7582]: CTRL: pty_fd = 6
Sep 27 04:15:22 radius pptpd[7582]: CTRL: tty_fd = 7
Sep 27 04:15:22 radius pptpd[7582]: CTRL: I wrote 32 bytes to the client.
Sep 27 04:15:22 radius pptpd[7582]: CTRL: Sent packet to client
Sep 27 04:15:22 radius pptpd[7583]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Sep 27 04:15:22 radius pptpd[7583]: CTRL (PPPD Launcher): local address = 192.168.0.1
Sep 27 04:15:22 radius pptpd[7583]: CTRL (PPPD Launcher): remote address = 192.168.0.234
Sep 27 04:15:22 radius pppd[7583]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Sep 27 04:15:22 radius pppd[7583]: pppd 2.4.5 started by root, uid 0
Sep 27 04:15:22 radius pppd[7583]: Using interface ppp0
Sep 27 04:15:22 radius pppd[7583]: Connect: ppp0 <--> /dev/pts/1
Sep 27 04:15:22 radius pptpd[7582]: GRE: Bad checksum from pppd.
Sep 27 04:15:22 radius pptpd[7582]: GRE: accepting packet #0
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #1
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #2
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #3
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #4
Sep 27 04:15:23 radius pppd[7583]: peer from calling number "X.X.X.X" authorized
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #5
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #6
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #7
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #8
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #9
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #10
Sep 27 04:15:23 radius pppd[7583]: MPPE 128-bit stateless compression enabled
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #11
Sep 27 04:15:23 radius pptpd[7582]: GRE: accepting packet #12
Sep 27 04:15:24 radius pptpd[7582]: GRE: accepting packet #13
Sep 27 04:15:24 radius pptpd[7582]: GRE: accepting packet #14
Sep 27 04:15:24 radius pppd[7583]: Cannot determine ethernet address for proxy ARP
Sep 27 04:15:24 radius pppd[7583]: local IP address 192.168.0.1
Sep 27 04:15:24 radius pppd[7583]: remote IP address 192.168.0.234
Sep 27 04:15:52 radius pptpd[7582]: CTRL: Received PPTP Control Message (type: 5)
Sep 27 04:15:52 radius pptpd[7582]: CTRL: Made a ECHO RPLY packet
Sep 27 04:15:52 radius pptpd[7582]: CTRL: I wrote 20 bytes to the client.
Sep 27 04:15:52 radius pptpd[7582]: CTRL: Sent packet to client
Sep 27 04:15:53 radius pptpd[7582]: GRE: accepting packet #15

4 Comments »

  1. thanks u too much dear Bro……waiting for this for long time

    Comment by patel Deepak — September 27, 2016 @ 10:10 AM

  2. Internet is not working after connection!

    Comment by Jahanzeb Abbasi — September 27, 2016 @ 10:56 AM

    • internet shouldn’t be working as I already explained in the comments. If you make a habit of FOCUSING while READING and not skipping the COMMENTS, you should have already know why its not working.

      In this example I clearly mentioned that its just to access the server itself only, not for internet. for internet you should add some iptables base rules in order to masquerade traffic. examples are here.
      https://help.ubuntu.com/community/PPTPServer

      Comment by Syed Jahanzaib / Pinochio~:) — September 27, 2016 @ 11:06 AM

      • yeah i have add rules after adding rules internet is working! softether vpn server is good option for remote connectivity!

        Comment by Jahanzeb Abbasi — September 27, 2016 @ 12:31 PM


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: