This article follows on from my hamachi based VPN tutorial. PPTP is much easier to set up on a debian server, and very easy to connect to from a Windows XP machine.

With the ease of use though, there are some downfalls. PPTP is known to be less secure than other VPN’s such as OpenVPN and IPSEC, but for most uses it should be fine. One advantage over my hamachi VPN is that you will end up with an IP on the remote LAN (instead of the 5.0.0.0/8 address you have from hamachi), meaning you don’t need to do any routing tweaks.

First, set up the server:

apt-get install pptpd

That’s it! Now, to configure, you just need to edit 2 files:

/etc/pptpd.conf
Just add 2 lines to the bottom of the file, for the internal IP address of the server, and a range of IP’s which the remote connections will use.
localip 10.1.0.50
remoteip 10.1.0.90-99

The comments at the bottom of the file show some other ways of assigning ranges of IP’s in the remoteip section.

Finally, to add a user, edit /etc/ppp/chap-secrets and add a line for a remote user in the format:

username pptpd password *

To limit connections from specific hosts, use them instead of the * at the end.

To set up the connection on a windows XP client, do the following (from Control Panel):

Network Connections
Create a New Connection
Next
Connect to the network at my workplace
Virtual Private Network connection
Enter your connection name
Do not dial the initial connection
Enter the IP of your server

Then run the connection with the username and password you entered into /etc/ppp/chap-secrets

By default this will route all your traffic (including normal web browsing) through the tunnel. If you don’t want this, go to the connection properties, then the networking tab. Choose TCP/IP properties, and click ‘Advanced’, then finally untick the ‘Use default gateway on remote network’ tickbox.

That should be all you need.

Soon, I’ll give OpenVPN a try, and try to write up a nice guide here.

Most of the information above came from other sites, and by googling. If anyone knows of a better or more secure way of using PPTP then please post comments below.

Tags: , , , ,