Difference between revisions of "Install VPN PPTPD on RHEL 7"

Latest revision as of 18:28, 14 January 2016

Verify your RHEL version

# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)

Build and Install (Not working)

You can grab the latest release from http://sourceforge.net/projects/poptop/files/pptpd/

#Before doing this, make sure you installed Development Tools
yum group install "Development Tools"
yum install ppp ppp-devel
wget http://downloads.sourceforge.net/project/poptop/pptpd/pptpd-1.4.0/pptpd-1.4.0.tar.gz
tar -xvzf pptpd-1.4.0.tar.gz
cd pptpd-1.4.0
./configure
make && make install

For some reason, this doesn't install pptpd.conf. I need to find alternatives.

Install From Repo (Works)

rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
yum install pptpd

Setup pptpd

See https://www.digitalocean.com/community/tutorials/how-to-setup-your-own-vpn-with-pptp

or

http://www.ewdisonthen.com/how-to-setup-pptp-vpn-server-on-linux-tutorial-07577.php

vim /etc/pptpd.conf
# Add 
localip 10.0.0.1
remoteip 10.0.0.100-200

vim /etc/ppp/pptpd-options
# Add
ms-dns 8.8.8.8
ms-dns 8.8.4.4

vim /etc/sysctl.conf
# Add
net.ipv4.ip_forward = 1
# Run
sysctl -p
#verify it's listening the port
netstat -alpn | grep 1723
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

Setup iptable forwarding

Make a file ppt.sh and paste contents below

#/bin/bash
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
# this line will constrain the MTU to solve some strange problems with MTU inconsistency.
iptables -I FORWARD -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1356
iptables-save