PPTP VPN VPS Ubuntu 16

1
apt-get install pptpd

Modify /etc/pptpd.conf find ‘localip’ and ‘remoteip’ and replace with

1
2
localip 10.0.0.1
remoteip 10.0.0.50-100

After add the ip scope, we can continue adding users VPN with modifying /etc/ppp/chap-secrets, for example

1
max pptpd 123456 *

modify /etc/ppp/options,

1
2
ms-dns 8.8.8.8
ms-dns 8.8.4.4

/etc/sysctl.conf,

1
net.ipv4.ip_forward=1

Run following, Pay attention to eth0, it may need change to right interface name

1
2
3
4
5
$ sudo sysctl -p
 
$ sudo /etc/init.d/pptpd restart
 
$ sudo /sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
1
2
3
4
5
6
7
cat > /etc/init.d/pptpenable
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
 
CTRL+D
 
$ chmod +x vpnrule
$ update-rc.d vpnrule defaults

/etc/default/ufw

1
DEFAULT_FORWARD_POLICY="ACCEPT"

/etc/ufw/before.rules add below rules. and then restart ufw

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
 
# Forward traffic through eth0 - Change to match you out-interface
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
 
# don't delete the 'COMMIT' line or these nat table rules won't
# be processed
COMMIT
 
#adding this rule to the file /etc/ufw/before.rules before the line # drop INVALID packets ...
 
-A ufw-before-input -p 47 -j ACCEPT
 
#Then Run
 sudo ufw disable && sudo ufw enable