Configuring a VPN client connection is a simple matter of point and click in Windows OSes, but in Linux it is involves installing a package, configuring passwords, VPN server settings and finally routing the traffic destined for the VPN network via the VPN connection. The package named pptp is used on the client side for configuring a connection. To setup a VPN server read How to setup a VPN Server in Windows Server 2008. This tutorial is for both Debian Linux variants and Red Hat Linux variants.
Fedora/Red Hat/CentOS PPTP Client Installation
Install the pptp client
yum install pptp
Debian/Ubuntu PPTP Client Installation
Use the apt-get command
apt-get install pptp-linux
Configuring VPN credentials and server settings
Edit the following file and enter your VPN username and password
vi /etc/ppp/chap-secrets
The syntax of the file is as follows
DOMAIN\\username PPTP vpnpassword *
For example to configure a user named jesin on example.com with pass1 as the password enter
EXAMPLE\\jesin PPTP pass1 *
If your VPN network doesn’t come under a domain replace DOMAIN with your VPNSERVER name.
Next is to configure the VPN server settings. Create and edit a new file under the peers directory
vi /etc/ppp/peers/vpnconnection1
Add content according to the syntax below
pty "pptp vpn-server-hostname-or-ip-address --nolaunchpppd"
name DOMAIN\\username
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam vpnconnection1
Here “DOMAIN\\username” is the same as the one entered in the chap-secrets file. The ipparam should contain the name of the newly created file, in this case it is “vpnconnection1”
Adding a route to the routing table
All traffic for the VPN network should pass through the VPN interface so an entry has to be added to the routing table. To automatically add an entry whenever a VPN connection is established create and edit the following file
vi /etc/ppp/ip-up.d/vpn1-route
Add the following content
#!/bin/bash
route add -net 10.0.0.0/8 dev ppp0
Make the file executable
chmod +x /etc/ppp/ip-up.d/vpn1-route
Testing the connection
To connect using the newly created VPN connection use the following command
pppd call vpnconnection1
Take a peek into the messages log file using the following command
tail -f /var/log/messages
you should see something similar to this
Nov 27 13:46:20 server1 kernel: [ 800.071028] PPP generic driver version 2.4.2
Nov 27 13:46:20 server1 pppd[1083]: pppd 2.4.5 started by root, uid 0
Nov 27 13:46:20 server1 pppd[1083]: Using interface ppp0
Nov 27 13:46:20 server1 pppd[1083]: Connect: ppp0 /dev/pts/0
Nov 27 13:46:25 server1 pppd[1083]: CHAP authentication succeeded
Nov 27 13:46:25 server1 kernel: [ 804.683790] padlock: VIA PadLock Hash Engine not detected.
Nov 27 13:46:25 server1 kernel: [ 804.687408] PPP MPPE Compression module registered
Nov 27 13:46:25 server1 pppd[1083]: MPPE 128-bit stateless compression enabled
Nov 27 13:46:26 server1 pppd[1083]: local IP address 10.0.0.11
Nov 27 13:46:26 server1 pppd[1083]: remote IP address 10.0.0.12
Try pinging a system in the VPN network and you should get proper replies.
Disconnecting the connection
To disconnect the PPTP VPN connection use the killall command
killall pppd
marcelo says
Thanks Jesin. I edit the file pap-secrets too and works.
Denis says
Thanks, helped me a lot.
Andrew b says
I love tutorials that actually work 🙂 Thanks!
D'go says
I cant seem to edit this in step
vi /etc/ppp/ip-up.d/vpn1-route
Please help.
Im running fed 18 arm on cubieboard
Jesin A says
I found this from an article dated 2007, see if it works:
Edit this file, place the same contents in it and make it executable.
D'go says
Thank you for the reply – Not sure if you can assist but i was able to add that however after attempting to connect
sudo pppd call vpnconnection1
i get
[fedpower@10.1.1.1 ~]$ sudo pppd call vpnconnection1
Couldn’t open the /dev/ppp device: No such device or address
pppd: Please load the ppp_generic kernel module.
Any idea?
Jesin A says
Edit
/etc/modprobe.d/modules.conf
and changeto
daniel says
use the ‘sudo’ command as pretty much all the ppp related command would need to be ran with elevated privileges.
D'go says
Thank you for your efforts Im going to leave it as is:
I am unable to edit this in step:
vi /etc/ppp/ip-up.d/vpn1-route
to insert this:
#!/bin/bash
route add -net 10.0.0.0/8 dev ppp0
but even under root i get:
“/etc/ppp/ip-up.d/vpn1-route”
“/etc/ppp/ip-up.d/vpn1-route” E212: Can’t open file for writing
Press ENTER or type command to continue
Jesin A says
Please read my earlier comment, I told you to edit
/etc/ppp/ip-up.local
and place that code.Josef Bunes says
I have a problem: After connecting I can ping to the pptp server/gate, to the computers in connected network, but my ip address is my origin one(ip of my isp). What can I do to have ip address of vpn?
Jose says
Awesome. It helps me a lot, great job!
Vladimir says
When I try to call my vpn , I get message that pppd can’t open options from File /etc/ppp/options.pptp no such file or directory