I currently live in Canada, which already has a lot of great internet services, but some over-the-top services require me to be in the US or to have a US IP address. There are a couple of ways to do this, and in this tutorial we will show one of the simpler ones: passing all your traffic through a PPTP VPN tunnel from your current location to a server in the US. PPTP stands for Point-to-Point Tunneling Protocol and has been around since 1999. It is quite easy to set up and is compatible with a lot of devices and operating systems on the market today.
Prerequisites
- VPS (Virtual Private Server) located in the US (we’re using Digital Ocean CentOS 6.x for ours)
1. Install PPTP On Your VPS
- Log onto your VPS and install pptpd via yum
[[email protected] ~]# yum install pptpd -y
2. Modify IP Settings in pptpd.conf
- Modify the following file /etc/pptpd.conf and add the following at the bottom
- localip is the IP that will be assigned to your VPS; remoteip is the IP address block that will be given out to clients
localip 192.168.100.1
remoteip 192.168.100.100-125
3. Add User Accounts
- Modify /etc/ppp/chap-secrets and add users that can authenticate to the pptp server
- In this configuration, the username and password ryau/ryau is able to connect from all IP addresses and all servers
# Secrets for authentication using CHAP
# client server secret IP addresses
ryau * ryau *
4. Add DNS Servers
- Modify /etc/ppp/options.pptpd and uncomment and edit the following lines:
ms-dns 8.8.8.8
ms-dns 4.2.2.2
5. Allow Network Forwarding in Linux
- Modify /etc/sysctl.conf and change the following line
net.ipv4.ip_forward = 1
- Save and execute the following to apply changes
[[email protected] ~]# sysctl -p
6. Configure IPTables
- Enter the following to add the rules to your iptables
[[email protected] ~]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[[email protected] ~]# iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
[[email protected] ~]# service iptables save
- Check your iptables configuration. Double-check whether service iptables save wiped out your iptables entries; if it did, just re-add them. =)
[[email protected] ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
7. Restart PPTPD and Test
- Restart PPTPD service
[[email protected] ~]# service pptpd start
- Use any PPTP client device (such as OSX, Windows, Android, iOS) and connect to your PPTP server with the credentials from step 3. Then visit www.whatismyipaddress.com to check that your device shows your VPS’s IP address.
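
The ryau/ryau entry in step 3 uses the username as the password, and on an internet-facing VPN the secret in /etc/ppp/chap-secrets is what gates access, so it is worth checking that file before opening port 1723. The script below is an added example, not part of the original tutorial: it flags secrets that equal the username or fall under an assumed minimum length (MIN_LEN, default 16) and a file readable by group or other. The names audit_chap_secrets and write_sample, and the alice entry, are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the tutorial): audit a pppd chap-secrets file.
# MIN_LEN is an assumed policy threshold, not a pppd or pptpd setting.
MIN_LEN=${MIN_LEN:-16}

audit_chap_secrets() {
    file=$1
    # Secrets are stored in cleartext: flag group/other read access.
    if [ -n "$(find "$file" \( -perm -040 -o -perm -004 \) 2>/dev/null)" ]; then
        echo "file: readable by group or other (expected mode 600)"
    fi
    # Fields: client server secret addresses. Quoted secrets containing
    # spaces are not handled by this whitespace split.
    awk -v min="$MIN_LEN" '
        /^[ \t]*#/ || NF == 0 { next }   # skip comments and blank lines
        NF < 3 { printf "line %d: malformed entry\n", NR; next }
        {
            secret = $3
            gsub(/^"|"$/, "", secret)    # strip optional double quotes
            if (tolower(secret) == tolower($1))
                printf "line %d: %s: secret equals username\n", NR, $1
            if (length(secret) < min)
                printf "line %d: %s: secret shorter than %d characters\n", NR, $1, min
        }
    ' "$file"
}

# Constructed sample: the tutorial's entry plus one with a long random secret.
write_sample() {
    cat > "$1" <<'EOF'
# Secrets for authentication using CHAP
# client server secret IP addresses
ryau * ryau *
alice pptpd "q7Vt2mXc9RkLp4Zs8WbN" 192.168.100.101
EOF
}

# Audit the file named on the command line, if one was given.
if [ $# -gt 0 ]; then
    audit_chap_secrets "$1"
fi
```

Run it as root with /etc/ppp/chap-secrets as the argument; no output means no findings.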