Setting up a VPN (PPTP)server (Ubuntu 14.04)

Published on May 1, 2014

Setting up a VPN (PPTP) server (Ubuntu 14.04)

In order to change my IP address for all communication, including streaming, I configured a PPTP-based VPN on Amazon EC2. This is a record of that process.

Setting up the server

To improve network speed I used an m3.medium instance. As of May 2014, using a spot instance costs about $0.0081/hour. For the OS I used Ubuntu Server 14.04 LTS (PV), which is provided by Amazon.

Installing and configuring the PPTP server

Installing pptpd

sudo apt-get install pptpd

Configuring pptpd

/etc/pptpd.conf

Set an IP address range that does not overlap with your local network. Here I use 192.168.200.*.
localip 192.168.200.2
remoteip 192.168.200.128-191

/etc/ppp/pptpd-options

Configure DNS. Here I use Google's public DNS.
ms-dns 8.8.8.8
ms-dns 8.8.4.4

/etc/ppp/chap-secrets

Configure the username and password. Replace username and password with your own before writing them. The second field is the server name, and it needs to match the name in /etc/ppp/options.pptpd; since it defaults to pptpd, this is fine as is. Depending on your situation you can also use * to match everything.
username pptpd "password" *

Configuring NAT

/etc/sysctl.conf

Enable IPv4 forwarding.
net.ipv4.ip_forward=1

/etc/rc.local

Make the startup script bring up NAT automatically. This only takes effect when the instance restarts. If you are not going to restart, run this command directly to bring up NAT.
sudo iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -j MASQUERADE

Applying the settings

Load the settings changed in /etc/sysctl.conf.
sudo sysctl -p

Restarting pptpd

Restart pptpd so that the settings configured so far take effect.
sudo /etc/init.d/pptpd restart

Setting up the VPN on a Mac

Open "System Preferences" and then "Network." Click the "+" button at the bottom left to move to the screen for adding a new interface, set the interface to "VPN" and the VPN type to "PPTP," and add the VPN interface.
Next, click the gear button, open "Set Service Order…," and move the VPN interface you added to the very top.
  • Server Address … Set the IP address of the server on which you set up pptpd (e.g. ec2-XXX-XXX-XXX-XXX.us-west-2.compute.amazonaws.com)
  • Account Name … Use the username you set in /etc/ppp/chap-secrets
  • Password … Open "Authentication Settings…," choose "Password," and use the password you set in /etc/ppp/chap-secrets
Enabling "Show VPN status in menu bar" here is convenient, since it lets you connect and disconnect the VPN without opening System Preferences.

References