1. Build the environment
System: Ubuntu 18.04.4 LTS (Bionic Beaver)
Location: Lightweight Application Cloud Server
2. Install the software
Sudo apt-get update
Sudo apt-get install pptpd
Sudo apt-get install iptables (if installed in the machine, please ignore, you can use iptables -L to check whether it is installed)
3. Configure proxy information
sudo vim /etc/pptpd.conf
Make sure that the contents of the file have the configuration of the following options
- option /etc/ppp/pptpd-option (specify the location of the PPP option file)
- localip 192.168.0.1 (it is blocked, you need to enable it, this is the virtual ip of the server)
- remoteip 192.168.0.200-238,192.168.0.245 (it is blocked, you need to enable it, this is the virtual ip assigned by the server to the client)
sudo vim /etc/ppp/pptpd-options
Make sure that the contents of the file have the configuration of the following options
- ms-dns 8.8.8.8 (use Google DNS, or domestic DNS)
- ms-dns 8.8.4.4 (use Google DNS, or domestic DNS)
sudo vim /etc/ppp/chap-secrets
Add username and password
Format: username service type password assigned ip address
User pptpd xxxxx *
sudo vim /etc/sysctl.conf
Make sure that the contents of the file have the configuration of the following options
net.ipv4.ip_forward=1 (blocked, need to enable it)
sudo sysctl -p (execute this command to make the above changes take effect)
4. Restart the pptpd service
sudo service pptpd restart
ps -ef |grep pptpd to see if the process is started
netstat -ntlp |grep pptpd Check whether the port number is listening normally
5. Configure firewall policy
sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
sudo iptables -I FORWARD -s 192.168.0.0/24 -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1300
sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source your public network ip
After the configuration is complete, you can connect to the VPN with a computer or mobile phone.