I wanted VPN running on my RaspberryPi 2, so I could WoL my PC and also see my network.
Initially I was going for OpenVPN, but it is a pain to use on all devices and also can be fiddly to set up.
pptp is known to be very insecure, and you shouldn’t really use it.
Setting pptpd on raspbian is pretty easy
Before we begin we need to run to usual update/upgrade
sudo apt-get update
sudo apt-get upgrade
Then install pptpd
sudo apt-get install pptpd
We will need to tell pptpd on which ip is installed and also what IP addresses to give to our clients:
sudo nano /etc/pptpd.conf
Find the line
#localip 192.168.0.1
uncomment it(remove the #) and change the IP address to the IP of the Pi.
If you want the clients to be given specific IP addresses, you will need to uncomment:
#remoteip 192.168.1.234-238,192.168.1.245
Add DNS servers (I used google ones),
open
sudo nano /etc/ppp/pptpd-options
and at the end of the file add this:
ms-dns 8.8.8.8
noipx
mtu 1490
mru 1490
Enable port forwarding, open
sudo nano /etc/sysctl.conf
and ucomment
#net.ipv4.ip_forward=1
Iptables will have to allow connections and routing, and also to make iptables riles permanent(after restart) we will add them to the crontab:
sudo crontab -e
add this:
@reboot sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
The final thing is to populate the table with the users and their passwords, yoi can do this by opening
sudo nano /etc/ppp/chap-secrets
and add you user/s like that
user[TAB]*[TAB]password[TAB]*
The file should look something like that:
# Secrets for authentication using CHAP
# client server secret IP addresses
user * password *
Of course change user and password with your own, and if you want add more users.
Restart the pptp server and you should be good to go:
sudo systemctl restart pptpd.service
If you are having problems to connect you might need to forward tcp port 1723 to the same port on your RPi IP.