• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

PPTP VPN

Easy Rhino

Easy Rhino

Linux Advocate
Staff member
Joined
Nov 13, 2006
Messages
15,449 (2.42/day)
Location
Mid-Atlantic
System Specs
System Name Desktop
Processor i5 13600KF
Motherboard AsRock B760M Steel Legend Wifi
Cooling Noctua NH-U9S
Memory 4x 16 Gb Gskill S5 DDR5 @6000
Video Card(s) Gigabyte Gaming OC 6750 XT 12GB
Storage WD_BLACK 4TB SN850x
Display(s) Gigabye M32U
Case Corsair Carbide 400C
Audio Device(s) On Board
Power Supply EVGA Supernova 650 P2
Mouse MX Master 3s
Keyboard Logitech G915 Wireless Clicky
Software The Matrix
I just installed and configured a PPTP VPN on a Centos 6 VM and it works very well.

You will need ppp and pptpd installed as well as "Development Tools"

You will need to ensure ip_forwarding is enabled in sysctl.conf

You will want to add the appropriate iptables rules for port 1723.

Finally will want to set your IP range for tunneling, point to googles DNS (optional) and add usernames/password.

I highly recommend this if you are like me and like to VPN using wireless from an untrusted location.
 
McSteel

McSteel

Joined
Nov 19, 2012
Messages
753 (0.18/day)
System Specs
System Name Chaos
Processor Intel Core i5 4590K @ 4.0 GHz
Motherboard MSI Z97 MPower MAX AC
Cooling Arctic Cooling Freezer i30 + MX4
Memory 4x4 GB Kingston HyperX Beast 2400 GT/s CL11
Video Card(s) Palit GTX 1070 Dual @ stock
Storage 256GB Samsung 840 Pro SSD + 1 TB WD Green (Idle timer off) + 320 GB WD Blue
Display(s) Dell U2515H
Case Fractal Design Define R3
Audio Device(s) Onboard
Power Supply Corsair HX750 Platinum
Mouse CM Storm Recon
Keyboard CM Storm Quickfire Pro (MX Red)
But will it properly change MSS to compensate for the overhead? Or does it have to be set manually in the forward chain of the firewall?
 
Easy Rhino

Easy Rhino

Linux Advocate
Staff member
Joined
Nov 13, 2006
Messages
15,449 (2.42/day)
Location
Mid-Atlantic
System Specs
System Name Desktop
Processor i5 13600KF
Motherboard AsRock B760M Steel Legend Wifi
Cooling Noctua NH-U9S
Memory 4x 16 Gb Gskill S5 DDR5 @6000
Video Card(s) Gigabyte Gaming OC 6750 XT 12GB
Storage WD_BLACK 4TB SN850x
Display(s) Gigabye M32U
Case Corsair Carbide 400C
Audio Device(s) On Board
Power Supply EVGA Supernova 650 P2
Mouse MX Master 3s
Keyboard Logitech G915 Wireless Clicky
Software The Matrix
McSteel said:
But will it properly change MSS to compensate for the overhead? Or does it have to be set manually in the forward chain of the firewall?
Click to expand...

Here are the firewall rules

#!/bin/bash
/sbin/iptables -F
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p gre -j ACCEPT
/sbin/iptables -A INPUT -p icmp -j ACCEPT
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/service iptables save
/sbin/iptables -L -v
 
McSteel

McSteel

Joined
Nov 19, 2012
Messages
753 (0.18/day)
System Specs
System Name Chaos
Processor Intel Core i5 4590K @ 4.0 GHz
Motherboard MSI Z97 MPower MAX AC
Cooling Arctic Cooling Freezer i30 + MX4
Memory 4x4 GB Kingston HyperX Beast 2400 GT/s CL11
Video Card(s) Palit GTX 1070 Dual @ stock
Storage 256GB Samsung 840 Pro SSD + 1 TB WD Green (Idle timer off) + 320 GB WD Blue
Display(s) Dell U2515H
Case Fractal Design Define R3
Audio Device(s) Onboard
Power Supply Corsair HX750 Platinum
Mouse CM Storm Recon
Keyboard CM Storm Quickfire Pro (MX Red)
Hm. Well, anyway, if a problem appears like broken connections and semi-working browsing or troubles with sending large files, the following should be added:

iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o ppp+ -j TCPMSS --clamp-mss-to-pmtu
 
Easy Rhino

Easy Rhino

Linux Advocate
Staff member
Joined
Nov 13, 2006
Messages
15,449 (2.42/day)
Location
Mid-Atlantic
System Specs
System Name Desktop
Processor i5 13600KF
Motherboard AsRock B760M Steel Legend Wifi
Cooling Noctua NH-U9S
Memory 4x 16 Gb Gskill S5 DDR5 @6000
Video Card(s) Gigabyte Gaming OC 6750 XT 12GB
Storage WD_BLACK 4TB SN850x
Display(s) Gigabye M32U
Case Corsair Carbide 400C
Audio Device(s) On Board
Power Supply EVGA Supernova 650 P2
Mouse MX Master 3s
Keyboard Logitech G915 Wireless Clicky
Software The Matrix
McSteel said:
Hm. Well, anyway, if a problem appears like broken connections and semi-working browsing or troubles with sending large files, the following should be added:

iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o ppp+ -j TCPMSS --clamp-mss-to-pmtu
Click to expand...

Good to know because I added traffic control logic through qdisc to throttle bandwidth on the VM.
 
You must log in or register to reply here.
Top