Setting up pptpd on debian (lenny)
There are other giudes to do this, but none seemed complete, I had to get the iptables rules from the debug document on poptop.org. I guess they are not always needed.
I started with a clean install of lenny from http://rackspacecloud.com.
Install poptop
# aptitude install pptpd
Edit pptpd config files
/etc/pptpd.conf
You need to set the private ip of the server and the ip range for clients, the 2 lines are added to this file:
localip 192.168.0.1
remoteip 192.168.0.10-20
Set them to whatever private (or public) ip addressing you want. You could use IP addresses currently available in your network, if you do this you will not need to add the iptables rules for natting later in this guide.
/etc/ppp/pptpd-options
Option 1
Set ms-wins and ms-dns to the name server the server you are currently working on is using (look in reolv.conf).
Option 2
Or as I did install dnsmasq on the server and run it as a chaching dns server
# aptitude install dnsmasq
And then set ms-dns and ms-wins to 192.168.0.1 (or the localip you set)
/etc/ppp/chap-secrets
Setup users and passwords to connect the pptp server
username pptpd somepassword *
Turn on IP Forwarding
# echo 1 > /proc/sys/net/ipv4/ip_forward
Set the change permanantly in /etc/sysctl.conf by uncommenting the line:
net.ipv4.ip_forward=1
Turn on NATing
If you have created a new private network for your pptpd server, you probably have, you need to add a rule to iptables.
# iptables --table nat --append POSTROUTING \
--out-interface eth0 --jump MASQUERADE
But this rule needs be persistant so we need to create a script to run when the interface starts up
# iptables-save > /etc/iptables.conf
Create a new file: /etc/network/if-up.d/iptables and paste in the following
#!/bin/sh
/sbin/iptables-restore < /etc/iptables.conf
Set it to executable
# chmod 755 /etc/network/if-up.d/iptables
All Done!. Just startup pptpd
# /etc/init.d/pptpd start
Posted in Uncategorized
January 27th, 2010 at 9:34 am
[...] Setting up pptpd on debian (lenny) « Rob Garth – Mildly Useful Stuff [...]
June 19th, 2010 at 8:54 am
Thank you for this tutorial.
You have a typo on 1. Line:
aptitude install pptp ->
aptitude install pptpd
If you run named (bind) this will not work.
Stop bind (if you dont need it)
/etc/init.d/bind9 stop
If you see that message:
dnsmasq: setting capabilities failed: Operation not permitted
Solution:
nano /etc/dnsmasq.conf
An ucomment user and set user to root.
user=root
And run:
sudo /etc/init.d/dnsmasq restart
Costs me some hours to figure it out, so i want to share it here.
June 19th, 2010 at 7:43 pm
Thanks very much I have updated the typo.
October 28th, 2010 at 1:04 am
At last! Thankyou! There are loads of ‘howtos’ on setting up pptpd on Debian but none of them seem to actually include everything or talk about requirements “outside the scope of this tutorial”… I followed exactly what you said and it all just works – thanks!
February 22nd, 2011 at 8:21 pm
And then set ms-dns and ms-wins to 192.168.0.1 (or the localip you set)
???
February 24th, 2011 at 8:24 am
Sorry Mom, not sure what your quesiton is, but thanks for reading. Have you finished my ironing?
March 22nd, 2011 at 11:33 am
Much thanks! I had gotten set up from another guide, but I was getting nowhere because I didn’t know about setting up iptables to do nat.
October 29th, 2011 at 5:43 am
Pretty nice post. I just stumbled upon your weblog and wished to say that I’ve really enjoyed browsing your blog posts. After all I’ll be subscribing to your rss feed and I hope you write again soon!