Linux RAS – Remote Access Service

We recently had the need to configure a Linux box to be used as a RAS. It allows for external users to create a PPTP VPN to it. It is configured on Centos 5.5 and can use Radius or Active Directory/LDAP to authenticate however in this instance we are using a local users list.

Warning: There is a high probability this content is outdated or incomplete and is left here purely for archival purposes

Linux must be running kernel 2.6.15 or above.

  1. We need to install the appropriate PPTP repo to allow us to install PPTPD using yum.
    [root@fs1 ~]# rpm -Uvh http://poptop.sourceforge.net/yum/stable/packages/pptp-release-4-5.rhel5.noarch.rpm
  2. Next install PPTPD
    [root@fs1 ~]# yum install pptpd 
  3. We need to configure PPP by editing /etc/ppp/options.pptpd. We need to change the following
    1. name  – Set this to your servers hostname. e.g.
      name fs1
    2. ms-dns – The IP address of your internal DNS server e.g.
      ms-dns 192.168.1.200
  4. We now need to configure PPTPD by editinge /etc/pptpd.conf
    1. localip – The IP Address of the PPP interface to use. e.g. 
      localip 192.168.1.201
    2. remoteip – The IP Addresses to assign to clients e.g.
      remoteip 192.168.1.210-240
  5. Next we have to create our users. Edit /etc/ppp/chap-secrets
    • Users are created in the following format:
      Username ServerName Password SourceIP

      e.g.
      administrator fs1 password#1 *
    • Note both the ServerName and SourceIP can be replaced with the wildcard *
  6. Now start PPTPD and start it on boot
    [root@fs1 ~]# chkconfig pptpd on
    [root@fs1 ~]# /etc/init.d/pptpd start

You will have to ensure that port 1723 TCP is enabled/port forwarded to allow access from the outside.

If you are having issues check /var/log/messages as that is were messages are sent

Further Reading and References: