How to setup a PPTP VPN on Ubuntu 12.04

Two days ago, my new test server from OVH was delivered. After the usual tinkering, I tought I would try something new.

I actually never installed a VPN, so this was kind of new to me.

There are different types of VPN protocols, and the one I used (PPTP) is the easiest and fastest to install. On the other hand, it's not as secure as other protocols (like L2PT/IPSec or OpenVPN), but as I don't think I need that much encryption, I'll go with this one.

Installing a PPTP VPN:

1 - Login as root and type in terminal:

apt-get install pptpd

2 - Edit the file:

nano /etc/ppp/chap-secrets

and add a user and a password:

# Secrets for authentication using CHAP # client server  secret IP addresses user password  *
Save and exit 3 - Edit the pptpd config file: nano /etc/pptpd.conf and uncomment the two last lines:



Save and exit 4 - Enable IP forwarding: nano /etc/sysctl.conf and uncomment the line:
Save and exit 5 - Set iptables/MTU rules to allow forwarding. Enter: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -o eth0 -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 800:1536 -j TCPMSS --clamp-mss-to-pmtu 6 - Set pptpd to start on boot: chmod +x /etc/init.d/pptpd /usr/sbin/update-rc.d -f pptpd defaults 7 - Set the iptables rules to run on boot as well. Create the script: nano /etc/ and enter exactly:




$IPT -o eth0 -A FORWARD -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 800:1536 -j TCPMSS --clamp-mss-to-pmtu

Save and exit

8 - Set the script to run at boot:

chown root /etc/
chmod 700 /etc/


Edit the default network interfaces file

nano /etc/network/interfaces

and add:

pre-up /etc/

just like this:

# The primary network interface auto eth0 iface eth0 inet dhcp pre-up /etc/

Save and exit


9 - Edit pptpd-options:

nano /etc/ppp/pptpd-options

and add this two lines below the commented "ms-dns" (DNS configuration) :

ms-dns ms-dns

Save and exit


10 - Reboot the server and test your new VPN.