How to build pptpd service in Alibaba Cloud Ubuntu 16.04

1. To build a PPTP VPN, you need to open port 1723 and GRE protocol

1. Alibaba Cloud has a security group that requires an open port for access, and a new security group rule needs to be added.

Log in to the Alibaba Cloud Server Management Console and add a security group rule. Fill in the port range of 1723/1723 for both the inbound and outbound directions. See the figure below.

2. At the same time, port 1723 must be opened inside the server. This will be discussed later.

2. Install PPTP

sudo apt-get install pptpd

3. Configure PPTP

1. Configure the host IP and the IP pool allocated to the device connected to the host

sudo vim /etc/pptpd.conf #Remove 96~97# as shown in the figure

2. Configure DNS resolution

sudo vim /etc/ppp/pptpd-options #Remove 58, 59# Alibaba Cloud's public dns are 223.6.6.6 and 223.5.5.5, so the picture is as follows

3. Configure login user

sudo vim /etc/ppp/chap-secrets #Add user (user name), pptpd (protocol), password (password) and ip addresses at the end, separated by tabs. You can set multiple

4. Enable IP forwarding function

sudo vim /etc/sysctl.conf

Remove the # sign from net.ipv4.ip_forward=1, which is roughly on line 25.

Update sudo sysctl -p

5. Open the server port 1723 and enable the GRE protocol

Install iptable iptable is used to manage IP and firewall

sudo apt-get install iptables

sudo iptables -A INPUT -p tcp --dport 1723 -j ACCEPT #Open port 1723

sudo iptables -A INPUT -p gre -j ACCEPT # Enable the gre protocol

6. Enable NAT forwarding

sudo iptables -t nat -A POSTROUTING -s 192.168.0.1/24 -o ens3 -j MASQUERADE

Among them, 192.168.0.1/24 is the subnet mask of the host IP.

ens3 is the name of the server network card, which can be viewed through ifconfig.

sudo iptables-save save and take effect

7. Restart pptpd to make it take effect

service pptpd restart

Note:

1. I also used the sudo ufw allow 1723/tcp command to open port 1723

2. When logging into VPN, the server address is the external network address, and the username and password are the user and password configured in the third step.

Related reading:

Alibaba Cloud Ubuntu 16.04 builds IPSec service

Summarize

The above is my introduction on how to build the pptpd service in Alibaba Cloud Ubuntu 16.04. I hope it will be helpful to you. If you have any questions, please leave me a message and I will reply to you in time. I would also like to thank everyone for their support of the 123WORDPRESS.COM website!
If you find this article helpful, please feel free to reprint it and please indicate the source. Thank you!