
PPTP VPN
PPTP is a Microsoft Windows compatible VPN protocol that can be set up easily on both the server and the client side.

Preparation
Make sure the PPTP server (pptpd) is installed. If it is not, install it with yum like this...
# yum install pptpd

Setting up pptpd
Edit /etc/pptpd.conf and:
enable "delegate"
This allows pppd to assign an IP to the connection.

enable "debug"
This helps when initially setting up the connection, as you can see what happens in /var/log/messages.

disable "bcrelay <device>"
This has been moved to its own service now. Edit /etc/sysconfig/bcrelay, change eth0 to whichever interface is the local LAN-side adapter, and change the ppp0-9 to exclude the outgoing ppp accounts. Example: OPTIONS="--incoming eth1 --outgoing ppp2-9.*". Running "service bcrelay start" will start the service. This forwards broadcast packets to your internal network and vice versa, which makes Windows networks play nicely.



Configuring ppp options
Edit /etc/ppp/options.pptpd and:
enable "proxyarp"
This proxies the connecting PC's ARP onto the local network, making it appear as if it's on the local network. Don't use this if you want a routed setup.

enable "debug"
Again, it's nice to see what's going on while setting up.

add "<IPAddress>:0.0.0.0"
Where <IPAddress> is the IP of the router side of the ppp connection. Set this up so it doesn't clash with your current network ranges.


Your firewall
You will need to open TCP port 1723 in your firewall. If you're using etcnet firewalling, add the following to the "/etc/net/ifaces/default/fw/iptables/filter/INPUT" file...
add tcp dst-port 1723 accept


Creating VPN users
Edit /etc/ppp/chap-secrets and add a user like this...
testuser * userpassword 10.0.0.210

Where 10.0.0.210 is the IP address you wish to assign to the connecting PC. If you're using proxy ARP this can be an address on your internal LAN which does not clash with another one, or if you're using routing this can be practically anything you want.
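
Because chap-secrets holds each user's password in clear text next to the address that user is assigned, it is worth checking the file after every edit. The script below is an added example, not part of the original guide: it flags group/other file access, users without a fixed address, and two users given the same address. The function name check_chap_secrets and the sample users alice, bob and carol are made up for illustration, and it assumes passwords contain no whitespace.

```shell
#!/bin/sh
# Added example: audit a chap-secrets file laid out as on this page
# (user  server  password  IP). Assumes passwords contain no whitespace.
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
check_chap_secrets() {
    file=$1
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    findings=$(
        # Passwords are stored in clear text: group/other must have no access.
        perms=$(ls -ld "$file" | cut -c5-10)
        [ "$perms" = "------" ] || echo "PERMS: $file is accessible to group/other; chmod 600 it"
        awk '
            NF == 0 || $1 ~ /^#/ { next }   # blank lines and comments
            NF < 4     { print "NOIP: line " NR " (" $1 ") has no assigned IP"; next }
            $4 == "*"  { print "ANYIP: " $1 " is not pinned to one address"; next }
            $4 in seen { print "CLASH: " $4 " is assigned to both " seen[$4] " and " $1; next }
            { seen[$4] = $1 }
        ' "$file"
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample; only the testuser line comes from the page.
sample=$(mktemp)
chmod 644 "$sample"
cat > "$sample" <<'EOF'
# user     server  password      IP
testuser   *       userpassword  10.0.0.210
alice      *       examplepw1    10.0.0.211
bob        *       examplepw2    10.0.0.210
carol      *       examplepw3    *
EOF
check_chap_secrets "$sample" || true
rm -f "$sample"
```

On the real server, run it as root against /etc/ppp/chap-secrets; no output and exit status 0 means nothing was flagged.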



Copyright © 2000-2009, AllWorldIT