
Hello all, I was recently trying to figure out how to create a good VPN (Virtual Private Network) on a Linux server. I have done many on Windows Server and ISA as well.

Here it is... I didn't do a fresh install for it, so I had to search apt for the right package.

So first I ran

apt-get install pptpd

This will install the pptp server package that is needed for this install.

7. Open the pptpd.conf file:

sudo nano /etc/pptpd.conf

Adjust the IP settings at the bottom to your needs. Under local IP, enter the IP your VPN server has in the local network. If you don’t know it, type

sudo ifconfig

and it will show you your network interfaces and their assigned IPs. For that matter, I recommend setting up a static IP in /etc/network/interfaces or in your router configuration.

8. If you want to, you can change the hostname in /etc/ppp/pptpd-options

9. Specify the user names and passwords you want to give access to your VPN:

sudo nano /etc/ppp/chap-secrets

If you changed the hostname in the previous step, make sure you enter the same hostname now under ‘server’.

Example:


# client        server  secret                  IP addresses

username pptpd   myübersecretpassword   *

Because PPTP uses no key file, security depends solely on the password, which is why you should choose a long (e.g. 32 characters), random password. You can generate such a password here.
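One way to generate such a secret locally and to check an existing chap-secrets file against the advice above, as an added example that is not part of the original post. The function names gen_secret and audit_chap_secrets and the MIN_LEN threshold are assumptions of this example.

```shell
#!/bin/sh
MIN_LEN=32   # minimum secret length, following the 32 characters suggested above

# gen_secret: print 32 hex characters (128 random bits) read from /dev/urandom.
gen_secret() {
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
    echo
}

# audit_chap_secrets FILE: print one finding per line; return 1 if any were found.
# Fields are "client server secret IP-addresses"; quoted secrets that contain
# spaces are not handled by this simple whitespace split.
audit_chap_secrets() {
    file=$1
    found=0
    awk -v min="$MIN_LEN" '
        NF == 0 || $1 ~ /^#/ { next }          # skip blank lines and comments
        NF < 3 { printf "line %d: malformed entry\n", NR; bad = 1; next }
        {
            secret = $3
            gsub(/^"|"$/, "", secret)          # strip surrounding double quotes
            if (length(secret) < min) {
                printf "line %d: secret for client %s has %d chars, want >= %d\n",
                       NR, $1, length(secret), min
                bad = 1
            }
        }
        END { exit bad + 0 }' "$file" || found=1
    # Secrets are stored in plaintext, so group and other must have no access.
    if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
        echo "$file: accessible by group or other, run chmod 600"
        found=1
    fi
    return "$found"
}
```

Source the functions and run audit_chap_secrets /etc/ppp/chap-secrets as root; gen_secret prints a value that can be pasted into the secret column.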

10. Now we need to set up ip-masquerading:


sudo nano /etc/rc.local

Add the following lines above the line that says ‘exit 0’:


# PPTP IP forwarding

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Optionally I recommend securing your SSH server against brute force attacks:


# SSH Brute Force Protection

iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH

iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP

(also to be inserted above ‘exit 0’)

You may have to change ‘eth0’ to another interface, depending on which interface is configured to connect to the internet on your machine.

11. Lastly, uncomment this line in /etc/sysctl.conf:


net.ipv4.ip_forward=1

12. Reboot

13. In case your VPN server doesn’t connect directly to the internet, you may need to forward TCP port 1723 and GRE to the LAN IP of your VPN server. Refer to your router’s manual or to portforward.com for vendor-specific instructions.

Done. Enjoy!

UPDATE(2010-07-18): If connecting to the vpn-server goes well but you can’t connect to the internet you might want to try uncommenting the ms-dns entries in /etc/ppp/pptpd-options so it looks like this:

ms-dns 208.67.222.222
ms-dns 208.67.220.220

And that's it. I was able to connect fine through my local network as well as the external. Thanks for reading.