How to establish PPTP VPN client connection on CENTOS/RHEL 7 Linux

共计 4140 个字符，预计需要花费 11 分钟才能阅读完成。

This guide will discuss a procedure on how to connect/establish a VPN connection using PPTP protocol on CentOS 7 or Redhat 7 Linux the non-GUI way. Below you can find connection details which will be used as an example. Replace the bellow PPTP VPN information to align with your PPTP VPN server settings:

• Connection name: guozi (can be any descriptive name)

• VPN connetion type: pptpd

• PPTP VPN server IP or domain: 123.123.123.123

• CHAP Username: admin

• CHAP User password: 00000000

1. Configuration

Let's begin by installation of PPTP client:

# yum install pptp

In the next step we will load a connection tracking support for PPTP module which is required in order to correctly establish PPTP VPN connection:

# modprobe nf_conntrack_pptp

Now, we need to add CHAP credentials as provided above into /etc/ppp/chap-secrets file:

# echo 'admin pptpd 00000000 *' >> /etc/ppp/chap-secrets

At this stage, using the above VPN connection information we need to create peer VPN config file and save it into /etc/ppp/peers/directory. Enter the below code into a file called guozi while replacing VPN server IP, name and ipparam directives:

pty "pptp 123.123.123.123 --nolaunchpppd"
name admin
remotename pptpd
require-mppe-128
file /etc/ppp/options.pptp
ipparam guozi

2. Connect to VPN PPTP

All is now ready to establish PPTP VPN connection:

# pppd call guozi

Check /var/log/messages for any errors or warnings. If the PPTP VPN connection was established correctly your should see output similar to the one below:

Sep 23 22:45:35 localhost pppd[2821]: CHAP authentication succeeded
Sep 23 22:45:35 localhost pppd[2821]: MPPE 128-bit stateless compression enabled
Sep 23 22:45:36 localhost pppd[2821]: local  IP address 172.16.36.3
Sep 23 22:45:36 localhost pppd[2821]: remote IP address 172.16.36.1

Once the VPN connection is established correctly a new network interface will be create. Use ip to see its configuration:

# ip a s
...
8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3
    link/ppp 
    inet 172.16.36.3 peer 172.16.36.1/32 scope global ppp0
       valid_lft forever preferred_lft forever

3. Setup default route

ip route replace default dev ppp0

4. Disconnect from VPN PPTP

To disconnect VPN PPTP connection simply gracefully kill pppd daemon by using the below command:

# pkill pppd

Following the logs we can see that pppd module exited gracefully:

Jan  7 18:00:21 localhost systemd: Started Network Manager Script Dispatcher Service.
Jan  7 18:00:21 localhost nm-dispatcher: Dispatching action 'down' for ppp0
Jan  7 18:00:21 localhost pppd[18960]: Exit

4. Troubleshooting

If you receive a below error message when following a /var/log/messages log:

pppd[32087]: LCP: timeout sending Config-Requests

You are missing a loadable module nf_conntrack_pptp. Load this module using a following command:

# modprobe nf_conntrack_pptp

5. Run in Shell Script

Also you can save above steps to shell script,setup_pptp.sh show below:

#!/bin/bash
. ./setup_pptp.cfg
function func_pptp_install()
{
    yum install -y ppp pptp
    modprobe nf_conntrack_pptp
    modprobe ppp_mppe
    echo "${PPTP_USER}  ${PPTP_REMOTENAME}  ${PPTP_PASS} *" > /etc/ppp/chap-secrets
cat >/etc/ppp/peers/${PPTP_IPPARAM}<<EOF
pty "pptp ${PPTP_SERVER} --nolaunchpppd"
name ${PPTP_USER}
password ${PPTP_PASS}
remotename ${PPTP_REMOTENAME}
file /etc/ppp/options.pptp
require-mppe-128
ipparam ${PPTP_IPPARAM}
EOF
}
function func_pptp_start()
{
    modprobe nf_conntrack_pptp
    modprobe ppp_mppe
    /usr/sbin/pppd call ${PPTP_IPPARAM}
    #return 0
    if [ $? -eq 0 ];then
        ip route replace default dev ${PPP_DEVICE}
        echo "Start pptp connection successful!"
    else
        echo "Start pptp connection failure,detail see /var/log/messages"
    fi
}
function func_pptp_stop()
{
    /usr/bin/pkill pppd
    if [ $? -eq 0 ];then
        echo "Stop pptp connection successful"
    else
        echo "Stop pptp connection failure,detail see /var/log/messages"
    fi
}
case $1 in
    install)
        func_pptp_install
    ;;
    start)
        func_pptp_start
    ;;
    stop)
        func_pptp_stop
    ;;
    *)
        echo "$0 install | start | stop"
        exit 0
    ;;
esac
exit 0

A configuration maybe like this(setup_pptp.cfg):

PPTP_USER='admin'
PPTP_PASS='00000000'
PPTP_REMOTENAME='pptpd'
PPTP_SERVER='123.123.123.123'
PPTP_IPPARAM='guozi'

It's easy to use this script.Run as './setup_pptp.sh install' to install the pptp service,'./setup_pptp.sh start' start the pptp service.

More:

Get A pptp Account