# warning: this is not a script, it's a set of instructions.
# these steps create a pptp vpn server on which all clients can reach all other clients.
##################### SERVER SIDE (UBUNTU SERVER 16.04+) ######################
sudo apt-get install pptpd
sudo update-rc.d pptpd defaults
# I had to use this on 16.04... it fixes autostart problem:
sudo systemctl enable pptpd
#edit file "/etc/pptpd.conf": example using nano: $> sudo nano /etc/pptpd.conf
#add the following lines:
localip 10.20.0.1
#100 clients
remoteip 10.20.1.100-200
#save it
#edit file "/etc/ppp/chap-secrets": example using nano: $> sudo nano /etc/ppp/chap-secrets
#add all clients with fixed ip addresses (change user1, user2... and password1, password2,.. according to your preference):
user1 pptpd password1 10.20.1.100
user2 pptpd password2 10.20.1.101
user3 pptpd password3 10.20.1.200
:
#save it
#edit/add this line in "/etc/sysctl.conf":
net.ipv4.ip_forward = 1
#save it, then apply the change:
sudo sysctl -p
#Configure iptables for forwarding (lets all clients see each other):
sudo iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
sudo iptables -I INPUT -s 10.20.0.0/16 -i ppp0 -j ACCEPT
sudo iptables --append FORWARD --in-interface enp0s8 -j ACCEPT
# iptables-save only prints the current ruleset to stdout; it does not make the rules persistent across reboots
sudo iptables-save
#restart your service:
sudo service pptpd restart
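# Added example (not part of the original instructions): a check to run before restarting pptpd.
# It verifies that every fixed IP in a chap-secrets file lies inside the remoteip range, that no user
# or IP is assigned twice, and that the file is not readable by group/other. The function name
# audit_chap_secrets, its arguments and the sample entries are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example, not part of the original instructions.
# audit_chap_secrets FILE NET_PREFIX LOW HIGH
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_chap_secrets() {
    local file="$1" prefix="$2" low="$3" high="$4" rc=0
    # chap-secrets stores passwords in cleartext: group/other get no access.
    if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
        echo "perms: $file is accessible to group/other (want mode 600)"
        rc=1
    fi
    awk -v prefix="$prefix" -v low="$low" -v high="$high" '
        /^[ \t]*(#|$)/ { next }                     # skip comments and blank lines
        NF < 4 { printf "line %d: no fixed IP assigned\n", NR; bad = 1; next }
        {
            user = $1; ip = $4
            if (user in users) {
                printf "line %d: duplicate user %s\n", NR, user; bad = 1
            }
            users[user] = 1
            n = split(ip, o, ".")
            if (ip == "*") {                        # client may request any address
                printf "line %d: %s may claim any address\n", NR, user; bad = 1
            } else if (n != 4 || (o[1] "." o[2] "." o[3]) != prefix ||
                       o[4] !~ /^[0-9]+$/ || o[4] + 0 < low + 0 || o[4] + 0 > high + 0) {
                printf "line %d: %s outside %s.%d-%d\n", NR, ip, prefix, low, high; bad = 1
            } else if (ip in ips) {
                printf "line %d: duplicate IP %s\n", NR, ip; bad = 1
            }
            ips[ip] = 1
        }
        END { exit bad }
    ' "$file" || rc=1
    return "$rc"
}

# Constructed sample input (not real credentials), audited against 10.20.1.100-200.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# client server secret IP
user1 pptpd password1 10.20.1.100
user2 pptpd password2 10.20.1.100
user3 pptpd password3 10.20.2.5
EOF
audit_chap_secrets "$sample" 10.20.1 100 200 || echo "fix the findings above"
rm -f "$sample"
```

# On the server, run it as: sudo bash -c '. ./audit.sh; audit_chap_secrets /etc/ppp/chap-secrets 10.20.1 100 200' (audit.sh is a hypothetical file name for the block above).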
##################### CLIENT SIDE FOR UBUNTU SERVER ######################
# Start client side (Ubuntu Server (w/o GUI)):
#
# ============================================================
# 1) Configure pptp: (Change your <vpn server address>)
# (in this example we named the provider as "pptpserver")
# ============================================================
sudo nano /etc/ppp/peers/pptpserver
# add the following lines (name and password must match this client's entry in the server's /etc/ppp/chap-secrets):
pty "pptp <vpn server address> --nolaunchpppd"
lock
noauth
nobsdcomp
nodeflate
name server
password 13132828
remotename pptpserver
persist
maxfail 0
holdoff 5
require-mppe-128
# and save (ctrl-o ctrl-x)
# ==================================================================
# 2) Create config file for adding route automatically when startup:
# this is necessary in order to not use vpn internet connection
# (use same name of provider, in my case "pptpserver")
# ==================================================================
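sudo nano /etc/ppp/ip-up.d/pptpserver
# (scripts in /etc/ppp/ip-up.d/ only run if they are executable; after saving: sudo chmod +x /etc/ppp/ip-up.d/pptpserver)
# add the following lines: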
#!/bin/bash
# This script is called with the following arguments:
# Arg Name
# $1 Interface name
# $2 The tty
# $3 The link speed
# $4 Local IP number
# $5 Peer IP number
# $6 Optional ``ipparam'' value foo
route add -net 10.20.0.0 netmask 255.255.0.0 dev $1
# and save (ctrl-o ctrl-x)
# ============================================================
# STARTUP CONNECTION
# ============================================================
# 1) Manual startup:
sudo pon pptpserver
# 2) Auto startup on boot:
#
# Edit interfaces file:
sudo nano /etc/network/interfaces
# add the following lines to the end:
auto tunnel
iface tunnel inet ppp
provider pptpserver
# and save (ctrl-o ctrl-x)
# then restart networking:
sudo /etc/init.d/networking restart
# ^ with this it will reconnect on reboot
This VPN server configuration is useful for creating a private network where all clients see each other. For Ubuntu clients it is necessary to configure the VPN settings:
-> VPN -> Advanced -> check all MSCHAP
Here the gateway is not specified because I don't use the VPN to navigate to the internet.
If you don't want to route internet traffic through the VPN (just like me), then after creating the connection you must set, in the connection properties on each client, that the VPN is used only for local (VPN) resources:
==============================
Ubuntu desktop (Network Manager):
==============================
* VPN Network settings -> IPv4 settings -> Routes
1) Add address: 10.20.0.0, subnet mask: 255.255.0.0, gateway: 10.20.0.1, Metrics:0
2) check only “Use this connection only for resources on its network”
===========================
Windows (depending on version):
===========================
* Double-click My Computer, and then click the Network and Dial-up Connections link.
* Right-click the VPN connection that you want to change, and then click Properties.
* Click the Networking tab, click Internet Protocol (TCP/IP) in the Components checked are used by this connection list, and then click Properties.
* Click Advanced, and then click to clear the Use default gateway on remote network check box.
* Click OK, click OK, and then click OK.