Install on Raspberry Pi a VPN with PPTP server
Here's the first article made at the request of a person who follows this site (and via Facebook and more ! 🙂 ). So today let's see how to set up a VPN on Raspberry Pi Server.
Before you begin, There may be a few details about what is a VPN and what it can be used.
How it works ?
You can find details technical everywhere on the Internet but what you should remember it is only the VPN (Virtual Private Network) connects two networks together or external machines to a specific network. The connection is done in a secure manner and in theory communications are not understandable by people outside even when everything via the Internet.
All this allows to pretend that one is on the same network as it passes through an intermediary which is often Internet.
The client initiates the connection to the server and encrypts data, the server decrypts, performs the actions and returns the requested information to the client with the same encryption.
This is so very very high level how it works (I pass on the different layers of the OSI model – souvenirs course network …)
It is well and good but what ?
Can find all a list for using a Server VPN on the raspberry:
- Remote access to machines on its domestic network. Including printers, the NAS, etc.
- Provide internet access in France if it is abroad (as for some sites of replay)
- Share some resources with specific individuals
- To connect from a public place at home to then go on the Internet securely from his home
- Surement d’autres utilisations que vous pourrez me donner 🙂
Voilà. So I think it can miss some details but broadly you now know what you could do.
Technically, There are a lot of solutions that exist. The most common are PPTP and OpenVPN.
- PPTP is a protocol developed by Microsoft. It has deficiencies but is relatively simple to implement.
- OpenVPN pushes technology further with further encryption, It passes through the proxy more easily than PPTP. Its implementation is however more complex.
You can find an article that compares the main protocols here.
I chose at first to talk about PPTP because it is also very well supported by most mobile devices. J’espère vous faire un autre article pour OpenVPN 😉
- Update of the system
apt-get update && apt-get upgrade
- Verify that the distribution kernel support PPP. This is the condition to install PPTP. If this command returns an error then it will need to recompile a kernel with PPP support or use Raspbian which has the module installed.
- Install the following package :
apt - get install pptpd
- Configure PPTPd via its configuration file /etc/pptpd.conf. All at the end of the file, There are two options :
- LocalIP : It's the local address of your Pi Raspberry. At home I'm on IP 192.168.1.25.
- remoteip : You must define on what IPs will be machines that will connect you. Personally I've set that 2 IPs because I did not intend to have my whole family on my network !
LocalIP 192.168.1.25 remoteip 192.168.1.200-201
- Now, need to update the options of PPP via /etc/ppp/pptpd-options :
- Ms - dns : It is DNS used for name resolution. Here I took those of Google.
- noipx : recommended option to disable IPX and IPXCP
name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 proxyarp lock nobsdcomp novj novjccomp nologfd ms-dns 220.127.116.11 Ms - dns 18.104.22.168
- In the file /etc/ppp/chap-secrets You can define the access you want to give to your VPN. The first line of the file contains the format of entries ([TAB] corresponds to the tab character):
# Secrets for authentication using CHAP # client[TAB]server[TAB]secret[TAB]IP addresses username[TAB]*[TAB]my_pwd[TAB]*
- Restart the service
restart service pptpd
- To enable IP Forwarding on the server in order to surf out of the VPN. For this, in the file /etc/sysctl.conf, Add the following line
- Run the following command to take into account the change. Don't forget otherwise not access Internet (I lost time on this command that I had forgotten to apply) !
Well this is. Your VPN server is in place. It is now accessible from the outside. For this, to redirect the port 1723 in TCP to your Pi Raspberry. This is happening on your router or box.
The test !
For this, I took my phone, I turned off Wi - Fi to be certain of going through 3G (3G , H , 4G, In short you have understood). And then I cried. Do not buy any Windows Phone ! Integrated VPN no, and VPN client not more !
So the solution has been to force the phone to cell, then force the iPad a pass by 3G of the phone and not the wifi and then configure the VPN on iPad. Phew !
The address of the server must be the external IP or type no ip, for example domain name. Do not put the local ip type 192.168.x.y otherwise outside you can not connect.
This is for your private network.
I'm sorry for the Android device owners but I did not at home. A priori it seems also integrated into the bone so no need to download tool. Side Windows, Linux and Mac Google/Bing or other remains your best friend and you will easily find how to configure a VPN connection when you are on the move.
Do not hesitate to give your impression on this solution : Security, speed, use, etc.
Source : wellsb