Installing a PPTP-VPN server on a Raspberry Pi

Preferred Pre-requisites:

        Download latest image of Jessie and install to MicroSD card - run through raspi-config to set hostname, locale, etc.

        Setup your network - either wireless or wired - with a static IP address.

             1)  Edit network interface file and add the following lines  (use wlan0 for wi-fi, eth0 or wired connection)

                      sudo nano /etc/network/interfaces

                      iface wlan0 inet static
                            address 192.168.40.40
                            netmask 255.255.255.0
                            gateway 192.168.40.1
                            dns-nameservers 192.168.40.1

             2) Edit supplicant file to add SSID and password

                      sudo nano /etc/wpa_supplicant/wpa_supplicant.conf

                      network={
                            ssid="MySSID"
                            psk="myNetPasswd"
                      }

             3) Reboot and verify that you have the IP address you specified above and your network connectivity is functioning:

                      sudo reboot

                      ifconfig



If you have problems, try these options


To remove any existing leases from a DHCP server, use:

        sudo rm /var/lib/dhcp/*

Another way to add static IP address

        sudo nano /etc/dhcpcd.conf

Add the following lines to the bottom:

        interface eth0

        static ip_address=192.168.40.40
        static routers=192.168.40.1
        static domain_name_servers=192.168.40.1



Once you have your Pi up and running with networking, follow these steps to set up PPTP VPN.

1)    Install all updates to your OS.

        sudo apt-get update
        sudo apt-get upgrade

2)    Install the PPTP software

        sudo apt-get install pptpd

3)    Edit the configuration file and remove the “#” from “localip” and put in the static IP address

        sudo nano /etc/pptpd.conf

        localip 192.168.40.40

4)    Also remove the “#” from “remoteip” and put in the at least one IP address to be given to clients when they connect
       Below allocates 5 IP addresses

        remoteip 192.168.40.50-54

   
5)    Edit the PPTPD options file

        sudo nano /etc/ppp/pptpd-options
       
And add the following four lines at the end of the file

        ms-dns 8.8.8.8
        noipx
        mtu 1490
        mru 1490
   
6)    Configure internet traffic forwarding on your PI to get access to your local network

        sudo nano /etc/sysctl.conf
    
and remove the “#” from the following line

        net.ipv4.ip_forward=1
       
7)    Change the firewall entry:  (use eth0 if using wired network or wlan0 if using wireless)

        sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
   
8)    Make it permanent in case of a reboot:

        sudo crontab –e
   
Add following line at the lower end: (same as above for wired/wireless)

        @reboot sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

9)    Now add a user and password in "chap-secrets".

        sudo nano /etc/ppp/chap-secrets

        Username[TAB]*[TAB]password[TAB]*
   
    Example:
        mysernamehere     *       123thisismypassword321   *
       
10)    Now restart the VPN server

        sudo service pptpd restart

11)    Tell the service to start on boot

        sudo systemctl enable pptpd