https://wiki.tbpindustries.com/index.php?action=history&feed=atom&title=PPTP 2026-04-24T04:50:49Z Revision history for this page on the wiki MediaWiki 1.31.1 https://wiki.tbpindustries.com/index.php?title=PPTP&diff=162&oldid=prev 2019-08-27T17:21:07Z

<p>‎<span dir="auto"><span class="autocomment">PPTP Server</span></span></p> <table class="diff diff-contentalign-left" data-mw="interface"> <col class="diff-marker" /> <col class="diff-content" /> <col class="diff-marker" /> <col class="diff-content" /> <tr class="diff-title" lang="en"> <td colspan="2" style="background-color: #fff; color: #222; text-align: center;">← Older revision</td> <td colspan="2" style="background-color: #fff; color: #222; text-align: center;">Revision as of 17:21, 27 August 2019</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l10" >Line 10:</td> <td colspan="2" class="diff-lineno">Line 10:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This will show how to set up a PPTP server on Arch Linux.</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>This will show how to set up a PPTP server on Arch Linux.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>−</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>[<del class="diffchange diffchange-inline">Install </del>https://wiki.archlinux.org/index.php/Install] the [https://www.archlinux.org/packages/?name=pptpd pptpd] package.</div></td><td class='diff-marker'>+</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>[https://wiki.archlinux.org/index.php/<ins class="diffchange diffchange-inline">Install </ins>Install] the [https://www.archlinux.org/packages/?name=pptpd pptpd] package.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Configuration examples can be found in the /usr/share/doc/pptpd directory.</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Configuration examples can be found in the /usr/share/doc/pptpd directory.</div></td></tr> </table>

Goldbolt https://wiki.tbpindustries.com/index.php?title=PPTP&diff=161&oldid=prev 2019-08-27T16:50:08Z

<p>Created page with &quot;The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. PPTP has many well known security issues. PPTP uses a TCP contro...&quot;</p> <p><b>New page</b></p><div>The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. PPTP has many well known security issues.<br /> <br /> PPTP uses a TCP control channel and a Generic Routing Encapsulation tunnel to encapsulate PPP packets. Many modern VPNs use various forms of UDP for this same functionality.<br /> <br /> The PPTP specification does not describe encryption or authentication features and relies on the Point-to-Point Protocol being tunneled to implement any and all security functionalities.<br /> <br /> The PPTP implementation that ships with the Microsoft Windows product families implements various levels of authentication and encryption natively as standard features of the Windows PPTP stack. The intended use of this protocol is to provide security levels and remote access levels comparable with typical VPN products. <br /> <br /> =PPTP Server=<br /> This will show how to set up a PPTP server on Arch Linux.<br /> <br /> [Install https://wiki.archlinux.org/index.php/Install] the [https://www.archlinux.org/packages/?name=pptpd pptpd] package.<br /> <br /> Configuration examples can be found in the /usr/share/doc/pptpd directory.<br /> Create /etc/ppp/options.pptpd with the following options:<br /> <br /> # Read man pppd to see the full list of available options<br /> <br /> # The name of the local system for authentication purposes<br /> name pptpd<br /> <br /> # Refuse PAP, CHAP or MS-CHAP connections but accept connections with<br /> # MS-CHAPv2 or MPPE with 128-bit encryption<br /> refuse-pap<br /> refuse-chap<br /> refuse-mschap<br /> require-mschap-v2<br /> require-mppe-128<br /> <br /> # Add entry to the ARP system table<br /> proxyarp<br /> <br /> # For the serial device to ensure exclusive access to the device<br /> lock<br /> <br /> # Disable BSD-Compress and Van Jacobson TCP/IP header compression<br /> nobsdcomp<br /> novj<br /> novjccomp<br /> <br /> # Disable file logging<br /> nolog<br /> <br /> ms-dns 9.9.9.9<br /> ms-dns 8.8.8.8<br /> <br /> Create /etc/ppp/chap-secrets for logins:<br /> # Secrets for authentication using CHAP<br /> # client server secret IP addresses<br /> username1 pptpd password1 *<br /> Be aware that this file is stored in plaintext along with usernames and passwords.<br /> <br /> Create /etc/sysctl.d/30-ipforward.conf with the following:<br /> <br /> net.ipv4.ip_forward=1<br /> <br /> Apply the configuration:<br /> sysctl --system<br /> <br /> Now run the following to configure iptables settings to enable access for PPTP Clients:<br /> # Accept all packets via ppp* interfaces (for example, ppp0)<br /> iptables -A INPUT -i ppp+ -j ACCEPT<br /> iptables -A OUTPUT -o ppp+ -j ACCEPT<br /> <br /> # Accept incoming connections to port 1723 (PPTP)<br /> iptables -A INPUT -p tcp --dport 1723 -j ACCEPT<br /> <br /> # Accept GRE packets<br /> iptables -A INPUT -p 47 -j ACCEPT<br /> iptables -A OUTPUT -p 47 -j ACCEPT<br /> <br /> # Enable IP forwarding<br /> iptables -F FORWARD<br /> iptables -A FORWARD -j ACCEPT<br /> <br /> # Enable NAT for eth0 on ppp* interfaces<br /> iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE<br /> iptables -A POSTROUTING -t nat -o ppp+ -j MASQUERADE<br /> Replace &quot;eth0&quot; with the proper interface name. <br /> <br /> Save the new iptables rules with:<br /> iptables-save &gt; /etc/iptables/iptables.rules<br /> <br /> To load /etc/iptables/iptables.rules automatically after boot, enable the iptables.service unit: <br /> systemctl enable iptables.service<br /> <br /> Open port 1723 to the server and start and enable the PPTP Server using the following: <br /> systemctl enable pptpd.service<br /> systemctl start pptpd.service</div>

Goldbolt