Create your own VPN server (PPTP)

Cover photo

We will be looking today at how to install your own VPN (PPTP) server on your VPS hosting . Adding a VPN (virtual private server ) is a way to add a remote computer to your network as if it is local to that network . Usually VPNs in theory are secure because transferred data is usually encrypted and the protocol itself protects against different attack methods (man in the middle attack for example ). There are multiple protocols and technologies currently available for us to use (ex: OpenVPN ,PPTP , L2TP/IPsec and SSTP)

Why use a VPN ??

- Bypass corporate firewalls
- More secure connection to the web specially when using publicly accessed WiFi
- Access Geo-blocked content
- LAN functionally over the web (for example LAN multiplayer games only )
- Bypass ISPs packet prioritization / throttling practices

There is also the privacy element in relation to spying etc , but I am a big believer that there is no true privacy in the web , if someone or some organization wants your data they will find a way as long as they have the funds /Know-how .

What are the side effects of using a VPN sever??

- Connection latency and bandwidth impact (We will be looking at exact numbers )
- Cost (VPN hosting costs money)
- Very rarely some applications might not work properly
- You may need a 3rd party App to connect to your VPN serve (in the case of OpenVPN for example )

Why use PPTP protocol ??

- Very easy to implement (30 min for setup )
- Low latency and hosting requirement are low
- Widely supported in fact natively-supported in windows and Android so you do not need to install any extra apps
- Has all the functional benefits of a VPN

Keep in mind the protocol is not very secure though .

Setup your PPTP VPN:

Before you setup your VPN server make sure your VPS instance is installed and ready . We covered this part in a previous article here .

Start by login

2015-a12-img2
2015-a12-img3
update your OS:

sudo apt-get update

2015-a12-img4

install the PPTP server :

sudo apt-get install pptpd

2015-a12-img5

Now we need to configure the local IP for the server and connected clients :

sudo nano /etc/pptpd.conf

Add the following values in the end of the file pptpd.conf

localip 192.168.0.1
remoteip 192.168.0.100-200

2015-a12-img6

Make sure to save the file after editing it in NANO

Ctrl + x

Then type y and Enter to accept saving the file changes

2015-a12-img7
2015-a12-img8

Now you need to add some DNS server values , you can use OpenDNS but we will be using google public DNS . First edit pptpd-options

sudo nano /etc/ppp/pptpd-options

Then add the following values in place of the old values

ms-dns 8.8.8.8
ms-dns 8.8.4.4

2015-a12-img9

Now it is time to create your usernames

sudo nano /etc/ppp/chap-secrets

2015-a12-img10

Now we created our users we can start the PPTP service :

/etc/init.d/pptpd restart

The PPTP is started and users can connect , there will be no web connectivity yet though until we enable ipv4 packet forwarding and setup a NAT rule .
Start by editing sysctl.conf

sudo nano /etc/sysctl.conf

uncomment the following line :

net.ipv4.ip_forward=1

2015-a12-img11

Now to make sure that the changes are active run this command :

sudo sysctl -p

2015-a12-img12

Now edit the following file to add the NAT rule :

sudo nano /etc/rc.local

And now add the following line :

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

2015-a12-img13

Now reboot the server by running the following command :

reboot

now you are ready to login with your client .

You can add the following lines to your rc.local file if you want your server to have a LAN network(optional) .

iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 192.168.0.0/24 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT

Speed and latncey tests:

This is using Nexus 5 Android 6.0 Marshmallow without the VPN connection : 2015-a12-img14

This is using the VPN connection :

2015-a12-img15

As you can see the upload and download speed got effected but very little , less than 15% in fact. The biggest hit was in the PING speed or latency . Down from 7 to 15ms but still , 15ms is solid . From the speed test above we can conclude that VPN technologies can be very usable with minimum hit to performance.


Sponsored Ads