Sunday, December 18, 2011

Install PPTP VPN on an AWS CentOS 6 machine

Configuring the server

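# Install pppd and the PPTP daemon
yum install ppp -y
rpm -Uhv http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.i686.rpm
# Tunnel addressing: the server side and the pool handed out to clients
echo "localip 192.168.55.1" >> /etc/pptpd.conf
echo "remoteip 192.168.55.2-100" >> /etc/pptpd.conf
# DNS servers pushed to clients
echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd
echo "ms-dns 4.2.2.1" >> /etc/ppp/options.pptpd
# VPN account; chap-secrets stores the password in cleartext
echo "$USERNAME pptpd $PASSWORD *" >> /etc/ppp/chap-secrets
chkconfig iptables on
service iptables start
# Enable IP forwarding
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
# NAT client traffic out of eth0
echo "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" >> /etc/rc.local
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Save before restarting: a restart reloads the saved rules and drops an unsaved one
service iptables save
service iptables restart
# Enable pptpd at boot and start it now
chkconfig pptpd on
service pptpd start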
On the AWS console, go to "Security Groups", select either your security group or "default", and select the "Inbound" tab. Select "Custom TCP rule" with "Port Range" 1723, click "Add Rule", then click "Apply rule changes". At this point the PPTP server should be ready to accept connections. You can test whether the server has started properly by running:
telnet $SERVERIP 1723
where $SERVERIP is the public IP of the PPTP server machine.
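
The server steps above append with `>>`, so running them a second time duplicates every line, including the chap-secrets entry. The following is an added example, not part of the original post, that makes those steps repeatable and replaces a user's chap-secrets entry while keeping the file at mode 600; `PREFIX`, `ensure_line`, `set_chap_user` and `apply_pptpd_settings` are names invented here, and restricting user names and passwords to an allow-list of characters is a simplifying assumption.

```shell
#!/bin/sh
# Added example, not from the original post. PREFIX is a hypothetical knob:
# empty means the real /etc, a scratch directory allows a dry run.
PREFIX="${PREFIX:-}"

# ensure_line FILE LINE: append LINE only if it is not already present as an
# exact line, so re-running the setup does not stack duplicate entries.
ensure_line() {
    file="$PREFIX$1"
    mkdir -p "$(dirname "$file")" && touch "$file" || return 1
    grep -qxF -e "$2" "$file" || printf '%s\n' "$2" >> "$file"
}

# set_chap_user USER PASSWORD: create or replace USER's pptpd entry.
# chap-secrets stores passwords in cleartext, so it is written with mode 600.
set_chap_user() {
    user="$1"; pass="$2"; secrets="$PREFIX/etc/ppp/chap-secrets"
    # Allow-list (assumption of this example): spaces, quotes, '#' or '*'
    # would change how pppd parses the line, so they are rejected.
    case "$user" in ''|*[!A-Za-z0-9._@+=:,-]*) return 2 ;; esac
    case "$pass" in ''|*[!A-Za-z0-9._@+=:,-]*) return 2 ;; esac
    mkdir -p "$(dirname "$secrets")" || return 1
    tmp="$secrets.new.$$"
    old_umask=$(umask); umask 077   # the new file is created as 0600
    {
        if [ -f "$secrets" ]; then  # keep every line except USER's old entry
            awk -v u="$user" '!(($1 "") == (u "") && $2 == "pptpd")' "$secrets"
        fi
        printf '%s pptpd %s *\n' "$user" "$pass"
    } > "$tmp" && mv -f "$tmp" "$secrets"
    rc=$?
    umask "$old_umask"
    return "$rc"
}

# The append steps from the post, made repeatable.
apply_pptpd_settings() {
    ensure_line /etc/pptpd.conf "localip 192.168.55.1" &&
    ensure_line /etc/pptpd.conf "remoteip 192.168.55.2-100" &&
    ensure_line /etc/ppp/options.pptpd "ms-dns 8.8.8.8" &&
    ensure_line /etc/ppp/options.pptpd "ms-dns 4.2.2.1" &&
    ensure_line /etc/sysctl.conf "net.ipv4.ip_forward = 1" &&
    ensure_line /etc/rc.local "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE"
}
```

Source the file as root, then run `apply_pptpd_settings` and `set_chap_user "$USERNAME" "$PASSWORD"`; setting `PREFIX` to a scratch directory first shows the resulting files without touching /etc.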

Configuring a KDE client

Open "System Settings", click "Network Settings" and go to the VPN tab. Click the "Add" drop-button and select "PPTP".
  • Optionally check the "Connect automatically" and the "System connection" checkboxes.
  • Enter a connection name.
  • Enter $SERVERIP for "Gateway".
  • Enter $USERNAME for Login.
  • Enter $PASSWORD for Password.
  • Click the "Advanced" button at the bottom of the dialogue.
  • In the middle, check the "Use MPPE Encryption" checkbox and select "128 bit" in the Crypto drop-down.
  • Click OK twice to close the settings dialogue.
Open a shell and test the connection:
ping 192.168.55.1

Configuring Network Manager on Linux manually

Create a new connection file under /etc/NetworkManager/system-connections/ with the following content:
[connection]
id=CONNECTION NAME
type=vpn

[vpn]
service-type=org.freedesktop.NetworkManager.pptp
gateway=$SERVERIP
user=$USERNAME
require-mppe-128=yes

[vpn-secrets]
password=$PASSWORD

[ipv6]
method=ignore

[ipv4]
method=auto

Configuring a Windows XP client

  • Click Start > Settings > Control Panel > Network Connections
  • Click File > New connection
  • Click Next
  • Select “Connect to the Network at my Workplace”, click Next
  • Select "Virtual Private Network connection", click Next
  • Enter a name for the connection, click Next
  • Enter the $SERVERIP, click Next
  • Click Finish
A new dialogue box will pop up, prompting for the username and password for the new connection.
Enter both, and check the "Save this username ..." checkbox.
Click "Connect".
After a successful connection you can test the connection by running the following in a cmd window:
ping 192.168.55.1
Guide with nice screen shots: http://doc.m0n0.ch/handbook/pptp-windows.html

Configuring an iPhone client

  • Go to Settings and open the "General" settings
  • Select "Network"
  • Select "VPN"
  • Choose "Add VPN Configuration"
  • Select the "PPTP" tab.
  • Enter a name for the VPN connection
  • Enter the address of the server, the login and the password.
  • Ensure that "Send All Traffic" is "ON".
  • Click "Save".
  • Switch the "VPN" to "ON".
Guide with nice screen shots: http://www.dikant.de/2011/10/03/configuring-a-pptp-vpn-on-ios-and-android/

Configuring Apache for sites on the private network

In /etc/httpd/conf/httpd.conf, add
NameVirtualHost 192.168.55.1:80
Then add a new VirtualHost section for each site:
<VirtualHost 192.168.55.1:80>
 ...
</VirtualHost>
Reload apache configuration:
service httpd reload