Escolar Documentos
Profissional Documentos
Cultura Documentos
Pgina 1 de 17
How-To Geek
How to Setup a VPN (PPTP) Server on Debian Linux
VPN-ing into your server will allow you to connect to every possible service running on it, as if you were sitting next to it on the same network, without individually forwarding every port combination for every service you would like to access remotely. Using a VPN connection also has the upshot of, if desired, granting access to other computers on the network as if you where in it locally from anywhere across the internet. While not the most secure of the VPN solutions out there, PPTP is by far the simplest to install, configure and connect to from any modern system and from windows specifically as the client is a part of the OS since the XP days and you dont need to mess with certificates (like with L2TP+IPsec or SSL VPNs) on both sides of the connection. Did i get you interested? then lets go
Preface
You will need to forward port 1723 from the internet to the server to enable the connection (not covered here). You will see me use VIM as the editor program, this is just because Im used to it you may use any other editor that youd like.
Server Setup
Install the pptp server package: sudo aptitude install pptpd
Where the localip is the address of the server, and the remoteip are the addresses that will be handed out to the clients, it is up to you to adjust these for your networks requirements. Edit the /etc/ppp/pptpd-options configuration file:
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 2 de 17
Append to the end of the file, the following directives: ms-dns 192.168.1.1 nobsdcomp noipx mtu 1490 mru 1490
Where the IP used for the ms-dns directive is the DNS server for the local network your client will be connecting to and, again, it is your responsibility to adjust this to your networks configuration. Edit the chap secrets file: sudo vim /etc/ppp/chap-secrets
Add to it the authentication credentials for a users connection, in the following syntax: username <TAB> * <TAB> users-password <TAB> *
Restart the connections daemon for the settings to take affect: sudo /etc/init.d/pptpd restart
If you dont want to grant yourself access to anything beyond the server, then youre done on the server side.
Find the net.ipv4.ip_forward line and change the parameter from 0 (disabled) to 1 (enabled): net.ipv4.ip_forward=1
You can either restart the system or issue this command for the setting to take affect: sudo sysctl -p
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 3 de 17
With forwarding enabled, all the server side settings are prepared. We recommend using a Split Tunnel connection mode for the VPN client. A more in depth explanation about the recommended Split Tunnel mode, as well as instructions for Ubuntu Linux users can be found in the Setting up a Split Tunnel VPN (PPTP) Client on Ubuntu 10.04 guide. For windows users, follow the guides below to create the VPN client on your system. PPTP VPN Dialer Setup on XP (split tunnel) We will create a regular VPN dialer with one note worthy exception, that we will set the system to NOT use it as the Default Gateway when connected. Skipping this step will limit the connecting computers surfing speed to the VPN servers upload speed (usually slow) because all of its traffic would be routed through the VPN connection and thats not what we want. We need to start the connection wizard, so we will go to control panel. Go to Start and then Control Panel.
*If your system is setup with the Classic Start Menu you need to just point on the Control Panel icon and then select Network Connections. In Control Panel double click Network Connections.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 4 de 17
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 5 de 17
Select the Connect to the network at my workspace option and then Next.
Select the Virtual Private Network connection option and then Next.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 6 de 17
Type in the name of your VPN servers DNS-name or IP address as seen from the Internet.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 7 de 17
Optionally You may choose to Add a shortcut to the desktop and Finish.
Now comes the tricky part, it is vitally important you do NOT try to connect now and go into the dialers Properties.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 8 de 17
Go to the networking tab and change the Type of VPN to PPTP VPN as shown in the picture below (this is optional but will shorten the time it takes to connect) then go into Properties.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 9 de 17
On the next window, uncheck the Use default gateway on remote network option.
Now enter the connections credentials as you set them on the server and connect.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 10 de 17
Thats it, you should now be able to access all the computers on your network from the XP client Enjoy.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 11 de 17
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 12 de 17
Set the address of your VPN server as seen from the internet either by DNS-name or IP.
Even though it wont connect now because we stil need to go into the dialers properties, Set the username and password and hit connect.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 13 de 17
After the connection will fails to connect (thats normal), click on Set up the connection anyway.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 14 de 17
Find the dialer we have just created, right click it and select Properties.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 15 de 17
While its optional, for a faster connecting dialer, set the type of VPN to PPTP under the Security tab.
Go to the Networking tab, select the IPv4 protocol and go into its properties.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 16 de 17
On the next window, uncheck the Use default gateway on remote network option.
Now enter the connections credentials as you set them on the server and connect.
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011
Pgina 17 de 17
Thats it, you should now be able to access all the computers on your network from the win7 client. Note: Be sure and read our guide to setting up a VPN client for Ubuntu Linux. Enjoy
This article was originally written on 10/11/10 Tagged with: SysadminGeek
http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
17/06/2011