====== PPTPd VPN ======

Let's get started with the tutorial below!

===== Installation =====


(Optional) Scrap off all the junk you won't need if it is a new box:
<code>wget -O master.tar.gz http://github.com/maxexcloo/Minimal/tarball/master; tar zxvf *.gz; cd *Minimal*; sh minimal.sh ssh</code>

If you are still using only `root` (have its benefits when you are just setting up your server), you will probably need to re-enable root login.

Edit `/etc/ssh/sshd_config` and find:

`PermitRootLogin no`
			
Replace it with:

`PermitRootLogin yes`
						
Save the file, exit the editor, and restart your SSHd server:

`/etc/init.d/ssh restart`
						
Install PPTPD:

`apt-get install pptpd`
						
Enable forwarding by editing `/etc/sysctl.conf` find:

`#net.ipv4.ip_forward=1`
						
Replace it with:

`net.ipv4.ip_forward=1`
						
Save the file, exit the editor, and apply the changes:

`sysctl -p`
						
Towards the end of `/etc/pptpd.conf`, add, or uncomment these lines:

<code>localip 10.84.1.1
remoteip 10.84.1.101-200</code>
				
Create your users by editing your `/etc/ppp/chap-secrets` file by adding it in the following format:
<code>
# Secrets for authentication using CHAP
# client		server	secret			IP addresses
andy			pptpd	1234			*
john			pptpd	abcd			*
</code>					
Create a new file which will manage the routing with `iptables` by creating `/etc/init.d/vpnforward`:

<code>
#! /bin/sh

case "$1" in
	start)
		iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
		iptables -A INPUT -p 47 -j ACCEPT
		iptables -A FORWARD -i ppp+ -o vent0 -j ACCEPT
		iptables -t nat -A POSTROUTING -s 10.84.1.0/24 -j SNAT --to-source 127.0.0.1
		echo "iptables entries for VPN forwarding added"
		;;
	stop)
		echo "nothing to unload"
		;;
	*)
		echo "Usage: /etc/init.d/vpnforward {start|stop}"
		exit 1
esac

exit 0
</code>					
Make it executable:

`chmod a+x /etc/init.d/vpnforward`
						
Add it to your boot sequence so you don't need to make the changes each time your VPS reboot:

`update-rc.d vpnforward defaults`

*note: use this command if you want to remove it from auto-run at boot:

`update-rc.d -f vpnforward remove`
		
Edit `/etc/ppp/pptpd-options` with the following options:
<code>
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
ms-dns 8.8.4.4
</code>

Congratulations, you now have a working PPTPd VPN!