How to Create Your Own PPTP VPN on Ubuntu 20.04
What is VPN?
A virtual private network (VPN) is a network that connects a private network (LAN) to a public network (Internet). It allows computers and devices to communicate over shared or public networks as if they were directly linked to the private network, while benefiting from the private network’s functionality, security, and management policies.
This is accomplished by using dedicated connections, encryption, or a mix of the two to create a virtual point-to-point connection. In essence, two computers linked over a VPN can interact directly as if they were on the same local network. Despite the fact that the two computers are physically separated, other computers on the internet are unable to intercept their conversation.
Why use PPTP?
PPTP (Point-to-Point Tunneling Protocol) is one of the oldest and most widely used VPN protocols. Here are a few reasons why PPTP may be a good choice for your VPN needs:
- Compatibility: PPTP is supported by a wide range of devices, including Windows, macOS, Linux, iOS, and Android.
- Ease of use: PPTP is relatively easy to set up and use compared to other VPN protocols, making it a good choice for beginners.
- Speed: PPTP is a fast VPN protocol because it uses less encryption than other protocols.
However, it’s worth noting that PPTP is not as secure as other VPN protocols like OpenVPN and L2TP/IPSec. PPTP uses weaker encryption and has known vulnerabilities, which could potentially be exploited by attackers. Therefore, if security is a top priority for your VPN needs, you may want to consider using a different VPN protocol.
Setup PPTP Server
OpenVPN and PPTP are the most widely used VPN protocols; this guide uses PPTP. Before we begin setting up our own VPN network, we need one computer that will serve as the VPN server. That computer will be in charge of assigning IP addresses to clients, establishing the initial connections between clients or between clients and the server, and managing security protocols and user/client authentication. We'll run the following commands as root to install the PPTP server:
$ apt update && apt upgrade
$ apt install pptpd
Configure PPTPd
Using our favourite editor, change the default configuration file /etc/pptpd.conf and add the following lines:
localip 192.168.15.1
remoteip 192.168.15.100-200
In this scenario, the VPN server’s internal IP is 192.168.15.1, and each authorised client will be issued an IP from the range 192.168.15.100-200.
We must now add users. /etc/ppp/chap-secrets is the file that stores the users' passwords. Each client entry lists the following fields, in this order:
# client server secret IP addresses
In order to create a new client named client1 that will be able to connect to the pptpd server from any location using the password password1, we should add the following line, where the asterisk indicates that the login information can be used by any IP address:
client1 pptpd password1 *
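An added example (not part of the original article): a shell function that audits a chap-secrets file in the four-field format above. It flags entries such as client1 that accept any source address or use a short secret, and a file mode other than 600, since the secrets are stored in plaintext. The 16-character minimum and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a pppd chap-secrets file.
# Expected line format: client server secret IP-addresses
# MIN_LEN is an assumed policy threshold, not a value from the article.
MIN_LEN=${MIN_LEN:-16}

audit_chap_secrets() {
    file=$1
    [ -r "$file" ] || { echo "ERROR cannot read $file"; return 2; }

    # The file holds plaintext secrets, so only the owner should have access.
    mode=$(stat -c '%a' "$file")
    [ "$mode" = "600" ] || echo "PERMS $file has mode $mode, expected 600"

    # Skip comments and blank lines; strip optional quotes around the secret.
    awk -v min="$MIN_LEN" '
        /^[ \t]*(#|$)/ { next }
        {
            client = $1; secret = $3; addr = $4
            gsub(/^"|"$/, "", secret)
            if (NF < 4)
                printf "FORMAT line %d: expected 4 fields, got %d\n", NR, NF
            if (addr == "*")
                printf "ANYIP %s may connect from any address\n", client
            if (length(secret) < min)
                printf "WEAK %s has a secret shorter than %d characters\n", client, min
            if (seen[client]++)
                printf "DUP %s is defined more than once\n", client
        }' "$file"
}

# Constructed sample: the client1 entry from the text plus a stricter entry.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# client server secret IP addresses
client1 pptpd password1 *
client2 pptpd "kV7q2Lw9xTz4Rb8mNpE3" 192.168.15.101
EOF
chmod 644 "$sample"          # deliberately too open, to show the PERMS finding
audit_chap_secrets "$sample"
rm -f "$sample"
```

On a real server, run `audit_chap_secrets /etc/ppp/chap-secrets` as root; no output means none of these checks fired.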
The last step before starting our VPN server is to configure the DNS servers that will be handed to clients. We can use either our internet provider's DNS servers or Google's DNS servers, and insert them into the /etc/ppp/pptpd-options file:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
The pptpd daemon can now be started using the command:
$ systemctl start pptpd
We should run the following command to ensure that it is running and listening for incoming connections:
$ netstat -tapn | grep pptpd
The output should look like this:
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 20934/pptpd
unix 2 [ ] DGRAM 5992346 20934/pptpd
In order for the VPN server to function properly and forward requests, the following line must be present in /etc/sysctl.conf:
net.ipv4.ip_forward = 1
If it does not already exist, we must add it and then apply the configuration using the command:
$ sysctl -p
Setup and configuration on the client side
We need to install the PPTP client on a client computer in order for it to connect to our VPN server (the command below is for Debian/Ubuntu):
$ apt-get install pptp-linux
The ppp_mppe kernel module is required by the VPN client, so we must load it:
$ modprobe ppp_mppe
The /etc/ppp/peers/ subdirectory should be used to store client configuration. To define the parameters for the server we wish to use, we should open our favourite editor and create a configuration file with the following parameters (we’re on client1):
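# Replace <vpn-server-address> with the VPN server's public IP address or hostname
pty "pptp <vpn-server-address> --nolaunchpppd"
name client1
password password1
remotename PPTP
require-mppe-128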
If the configuration file from the previous example is named /etc/ppp/peers/vpnserver, then we should run the following command to start the client and connect to the VPN server:
$ pppd call vpnserver
After running the client, check the log files for possible issues or successful connection information using the command:
$ cat /var/log/syslog | grep pptp
On our clients, we should explicitly establish proper VPN traffic routing:
$ ip route add 172.16.0.0/16 dev ppp0
Conclusion
PPTP (Point-to-Point Tunneling Protocol) is a widely used VPN protocol due to its compatibility with a wide range of devices and ease of use. However, it is important to note that PPTP is not as secure as other VPN protocols like OpenVPN and L2TP/IPSec, as it uses weaker encryption and has known vulnerabilities that could be exploited by attackers. Therefore, if security is a top priority for your VPN needs, you may want to consider using a different VPN protocol. Nonetheless, if you still decide to use PPTP, it is important to keep your PPTP server up to date with security patches and configurations to ensure the best security possible.