Creating a personal VPN server: a step-by-step guide (Part 2)


+1 vote
Good day to you!
This series of articles is dedicated to creating your personal VPN server. It is a bit easier to do than it seems and requires no special knowledge. All you need is a little understanding of the IT sphere, general knowledge of the way networks operate, and to know what Linux is.
asked Mar 24, 2017 in System administration by Brian

1 Answer

0 votes

So, in the first part of the article we started our personal server running Linux CentOS, located in Germany. Now we are going to configure it; after that your VPN will operate for a lifetime and require no additional actions or settings.
 

Note: Don’t be afraid if you have never configured a Linux server before! You will need to connect to the server via the SSH protocol and just copy the commands.
 

To configure a VPN server, you will need to connect to it via the SSH protocol; this operation is described in detail in my article: How to connect via SSH: a guide.

Step-by-step guide to configuring a VPN server

1. Connect to your server via SSH, using the PuTTY program as described above. You received an e-mail with the IP address, login and password after creating the server. When connecting to the server for the first time, you will need to change the password as the root user; I recommend using a password no shorter than 10 characters, including lower and upper case letters and numbers.


 

2. Install the VPN server program; to do that, you should execute the following commands:

rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd


3. Perform the initial PPTP configuration by opening the configuration file for editing, using the following command:

vi /etc/pptpd.conf

Delete all the file contents by pressing the “d” key (press “d” twice to delete a whole line). Press the “i” key to switch to editing mode and copy the following lines into the empty file:

option /etc/ppp/options.pptpd
logwtmp
localip 10.0.0.1
remoteip 10.0.0.100-200

Quickly press Esc twice, then type ":wq" to exit editing mode and save the data, and press Enter.


4. Now you need to create users for connecting via the VPN server. I don’t recommend creating more than 20-30 users on the cheapest DigitalOcean server.
Enter the command:

vi /etc/ppp/chap-secrets

Edit and save the file just like you did in step 3. The file contents should look something like this:

user1 pptpd passw0rd *
user2 pptpd qwerty123 *

Each line should contain the data of a single user, separated by spaces: login, protocol, password and IP address. For example:

voprosoff  pptpd  1QAZ2wsx  *


5. Configure DNS servers; to do this, open the file:

vi /etc/ppp/options.pptpd

and type the following lines at the very end of it:

ms-dns 8.8.8.8
ms-dns 8.8.4.4

 

6. Now you can finally start your VPN server and check that it is running. To run your VPN server, execute the command:

service pptpd restart

To check whether the VPN server has been started and is operating, type in the command:

netstat -alpn | grep :1723

If everything is alright, you’ll see the following:

[Screenshot: Your VPN server works fine]

You have configured your VPN server and now it is operating! Only a couple of final steps are left.


7. Open the file for editing:

vi /etc/sysctl.conf

and check the following line:

net.ipv4.ip_forward = 1

If there is 0 in it, change it to 1 and save.
To apply settings, execute the following command:

sysctl -p

 

8. Add firewall settings, using the command:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

If you want your VPN clients to see each other via the local network, execute these commands (optional):

iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

This concludes our instructions: you now have your personal VPN server! It will be free during the first 2 months, then you’ll have to pay $5 per month. But considering that you will be able to connect up to 30 users via VPN, this is an extremely affordable price. With common VPN services, you would have to pay $2-3 per month for each client.
 

One can connect to your VPN server using a computer, smartphone or tablet, as well as an iPhone or iPad; you can read about it in the final part of the article.
 

If you have any questions or need more details, please ask a question or leave a comment.
Good luck!

answered Mar 24, 2017 by Expert Brian (5,370 points)
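
An audit of the /etc/ppp/chap-secrets file from step 4 against the password advice in step 1, as an added example that is not part of the original answer. It assumes the daemon name is the "pptpd" used in the step 4 entries and that passwords are unquoted; the function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a pptpd chap-secrets file (layout from step 4).
# Usage: audit_chap_secrets FILE [SERVER_NAME]; prints one finding per line.
audit_chap_secrets() {
    file=$1
    server=${2:-pptpd}    # assumption: daemon name matches the "pptpd" entries
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }

    # The file stores plaintext passwords, so group/other must have no access.
    perms=$(ls -ld "$file" | cut -c5-10)
    [ "$perms" = "------" ] || echo "PERMS group/other bits are $perms, expected ------"

    # Assumption: passwords are unquoted and contain no spaces.
    LC_ALL=C awk -v server="$server" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # skip comments and blank lines
        NF < 4 { print "FORMAT line " NR ": expected 4 fields"; next }
        {
            user = $1; srv = $2; pw = $3
            if (srv != server && srv != "*")
                print "SERVER " user ": field \"" srv "\" does not match \"" server "\""
            if (length(pw) < 10)
                print "SHORT " user ": password is under 10 characters"
            if (pw !~ /[a-z]/ || pw !~ /[A-Z]/ || pw !~ /[0-9]/)
                print "CLASS " user ": password lacks lower case, upper case or a digit"
        }' "$file"
}

# Constructed sample entries (not real accounts), world-readable on purpose.
write_sample() {
    cat > "$1" <<'EOF'
# client server secret IP
user1 pptpd passw0rd *
user2 pptp qwerty123 *
user3 pptpd Str0ngEnough1 *
EOF
    chmod 644 "$1"
}

sample=$(mktemp) && write_sample "$sample" && audit_chap_secrets "$sample"
rm -f "$sample"
```

Run against the real file as root with `audit_chap_secrets /etc/ppp/chap-secrets`; no output means every entry passed.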