In the first part of the article we launched our own server running CentOS Linux, located in Germany. Now we are going to configure it; after that, your VPN will keep running for a lifetime and require no additional actions or settings.
Note: Don’t be afraid if you have never configured a Linux server before! You only need to connect to the server over SSH and copy the commands.
To configure a VPN server, you will need to connect to it over SSH; this operation is described in detail in my article: How to connect via SSH: a guide.
Step-by-step guide to configuring a VPN server
1. Connect to your server via SSH using PuTTY, as described above. You received an e-mail with the IP address, login and password after creating the server. When connecting to the server for the first time, you will need to change the password of the root user; I recommend using a password no shorter than 10 characters, including lower and upper case letters and numbers.
2. Install the VPN server program by executing the following commands:
rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd
3. Perform the initial PPTP configuration by opening the configuration file for editing with the following command:
Delete all the file contents with the “d” key (press “d” twice to delete a whole line). Press “i” to switch to editing mode and copy the following lines into the empty file:
Press Esc twice to leave editing mode, then type ":wq" and press Enter to save the file and exit.
4. Now you need to create users for connecting via the VPN server. I don’t recommend creating more than 20-30 users on the cheapest DigitalOcean server.
Enter the command:
Edit and save the file just as you did in step 3. The file contents should look something like this:
user1 pptpd passw0rd *
user2 pptpd qwerty123 *
Each line should contain the data of a single user, separated by spaces: login, protocol, password and IP address. For example:
voprosoff pptp 1QAZ2wsx *
5. Configure the DNS servers; to do this, open the file:
and add the following lines at the very end of it:
6. Now you can finally start your VPN server and check that it is running. To run your VPN server, execute the command:
service pptpd restart
To check whether the VPN server has started and is running, type in the command:
netstat -alpn | grep :1723
If everything is alright, you’ll see the following:
You have configured your VPN server and now it is operating! Only a couple of final steps are left.
7. Open the file for editing:
and check the following line:
net.ipv4.ip_forward = 1
If it is set to 0, change it to 1 and save.
To apply settings, execute the following command:
8. Add firewall settings, using the command:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && service iptables save
If you want your VPN clients to see each other via the local network, execute these commands (optional):
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT
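The user file from step 4 stores passwords in clear text, and a weak VPN password is as easy to guess as a weak root password. The following is an added example, not part of the original article: it checks a file in the step 4 format against the password recommendation from step 1 and against loose file permissions. Applying that recommendation to VPN users, the function names and the sample data are assumptions of this example; the file path is passed as an argument.

```bash
#!/bin/bash
# Added example, not from the original article. Audits a PPTP user file in the
# step 4 format: login, server name, password, IP address (one user per line).
# Assumption: fields contain no spaces or quotes, as in the article's examples.

# audit_users FILE: print one finding per line; print nothing if all is well.
audit_users() {
    # Passwords are stored in clear text, so only the owner should have access.
    au_perms=$(ls -ld "$1" | cut -c5-10)
    [ "$au_perms" = "------" ] || echo "file: accessible to group/others ($au_perms)"

    # LC_ALL=C keeps the [a-z] and [A-Z] ranges strictly ASCII.
    LC_ALL=C awk '
        NF == 0 || $1 ~ /^#/ { next }          # skip blank lines and comments
        NF != 4 { print "line " NR ": expected 4 fields, found " NF; next }
        {
            user = $1; pw = $3
            if (seen[user]++)    print user ": duplicate login"
            # Rule from step 1: 10+ characters with lower case, upper case, digits.
            if (length(pw) < 10) print user ": password shorter than 10 characters"
            if (pw !~ /[a-z]/)   print user ": password has no lower-case letter"
            if (pw !~ /[A-Z]/)   print user ": password has no upper-case letter"
            if (pw !~ /[0-9]/)   print user ": password has no digit"
            if (pw == user)      print user ": password equals login"
        }
    ' "$1"
    return 0
}

# make_sample: write constructed sample data (the article's example lines plus
# one compliant and one malformed entry) to a temp file and print its path.
make_sample() {
    ms_file=$(mktemp)
    cat > "$ms_file" <<'EOF'
# constructed sample data
user1 pptpd passw0rd *
user2 pptpd qwerty123 *
voprosoff pptp 1QAZ2wsx *
user3 pptpd Xk7mQ2vbT9Lw *
broken-line pptpd
EOF
    echo "$ms_file"
}

# Stand-alone run: audit the sample and show the findings.
sample=$(make_sample)
audit_users "$sample"
rm -f "$sample"
```

All three sample passwords shown in the article are reported as too short; only the constructed user3 entry passes.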
This concludes the instructions: now you have your personal VPN server! It will be free during the first 2 months, then you’ll have to pay $5 per month. But considering that you will be able to connect up to 30 users via VPN, this is an extremely affordable price. With common VPN services, you would have to pay $2-3 per month for each client.
You can connect to your VPN server from a computer, smartphone or tablet, as well as an iPhone or iPad; you can read about it in the final part of the article.
If you have any questions or need more details, please ask a question or leave a comment.