apt-get install pptpd
Modify /etc/pptpd.conf find ‘localip’ and ‘remoteip’ and replace with
localip 10.0.0.1 remoteip 10.0.0.50-100
After add the ip scope, we can continue adding users VPN with modifying /etc/ppp/chap-secrets, for example
max pptpd 123456 *
modify /etc/ppp/options,
ms-dns 8.8.8.8 ms-dns 8.8.4.4
/etc/sysctl.conf,
net.ipv4.ip_forward=1
Run following, Pay attention to eth0, it may need change to right interface name
$ sudo sysctl -p $ sudo /etc/init.d/pptpd restart $ sudo /sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
cat > /etc/init.d/pptpenable /sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE CTRL+D $ chmod +x vpnrule $ update-rc.d vpnrule defaults
/etc/default/ufw
DEFAULT_FORWARD_POLICY="ACCEPT"
/etc/ufw/before.rules add below rules. and then restart ufw
# NAT table rules *nat :POSTROUTING ACCEPT [0:0] # Forward traffic through eth0 - Change to match you out-interface -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE # don't delete the 'COMMIT' line or these nat table rules won't # be processed COMMIT #adding this rule to the file /etc/ufw/before.rules before the line # drop INVALID packets ... -A ufw-before-input -p 47 -j ACCEPT #Then Run sudo ufw disable && sudo ufw enable