pptpd on Raspbian

I wanted VPN running on my RaspberryPi 2, so I could WoL my PC and also see my network.
Initially I was going for OpenVPN, but it is a pain to use on all devices and also can be fiddly to set up.

pptp is known to be very insecure, and you shouldn’t really use it.

Setting pptpd on raspbian is pretty easy
Before we begin we need to run to usual update/upgrade

sudo apt-get update
sudo apt-get upgrade

Then install pptpd

sudo apt-get install pptpd

We will need to tell pptpd on which ip is installed and also what IP addresses to give to our clients:

sudo nano /etc/pptpd.conf

Find the line

#localip 192.168.0.1 

uncomment it(remove the #) and change the IP address to the IP of the Pi.

If you want the clients to be given specific IP addresses, you will need to uncomment:

#remoteip 192.168.1.234-238,192.168.1.245

Add DNS servers (I used google ones),
open

sudo nano /etc/ppp/pptpd-options

and at the end of the file add this:

ms-dns 8.8.8.8
noipx
mtu 1490
mru 1490

Enable port forwarding, open

sudo nano /etc/sysctl.conf

and ucomment

#net.ipv4.ip_forward=1 

Iptables will have to allow connections and routing, and also to make iptables riles permanent(after restart) we will add them to the crontab:

sudo crontab -e

add this:

@reboot sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

The final thing is to populate the table with the users and their passwords, yoi can do this by opening

sudo nano /etc/ppp/chap-secrets

and add you user/s like that

user[TAB]*[TAB]password[TAB]*

The file should look something like that:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
user   *       password       *

Of course change user and password with your own, and if you want add more users.

Restart the pptp server and you should be good to go:

sudo systemctl restart pptpd.service

If you are having problems to connect you might need to forward tcp port 1723 to the same port on your RPi IP.