Step-1 Forward the GRE protocol (IP protocol 47) and TCP port 1723 through your firewall
Step-2 Add the Poptop Yum Repository
rpm -Uhv http://poptop.sourceforge.net/yum/stable/rhel5/pptp-release-current.noarch.rpm
Step-3 Configure iptables
Create iptables_set.sh, chmod +x iptables_set.sh, and run the script.
Note: The following will work but you may wish to change the source address from 10.10.9.0/24 to the network range of your choosing based on your network.
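#!/bin/bash
# Flush existing rules, then default-deny inbound traffic.
# Note: no rule below admits new SSH connections (TCP 22); only sessions
# that are already established keep working.
/sbin/iptables -F
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT ACCEPT
# NAT VPN client traffic out of eth0 and forward between ppp+ and eth0.
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
# PPTP control channel (TCP 1723) and GRE tunnel traffic.
/sbin/iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
/sbin/iptables -A INPUT -i eth0 -p gre -j ACCEPT
/sbin/iptables -A INPUT -p icmp -j ACCEPT
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Persist the rules and list the result.
/sbin/service iptables save
/sbin/iptables -L -v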
Step-4 Configure Routing
Edit /etc/sysctl.conf
net.ipv4.ip_forward = 1
Step-5 Make the changes active
sysctl -p
Step-6 Install PPTP Server
yum install ppp pptpd
Step-7 Configure the service to start on boot
chkconfig --levels 345 pptpd on
Step-7 Configure Client Network Options (change the IP addresses according to your requirements)
Modify /etc/pptpd.conf
localip 10.10.11.1
remoteip 10.10.11.5-100
Modify /etc/ppp/options.pptpd
ms-dns 208.67.222.222
ms-dns 208.67.220.220
Step-8 Configure Client Access
You will need to customize the client name and secret (password). You can either allow all IP addresses or limit them as necessary.
Edit /etc/ppp/chap-secrets.
# Secrets for authentication using CHAP
# client server secret IP addresses
test-user * test-password *
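A check for Step-8, as an added example that is not part of the original guide: the function below audits a chap-secrets file for the guide's sample credentials left in place, short secrets, the * address wildcard, and group/other access to the file. The function names, the 12-character minimum and the sample entries are assumptions constructed for illustration, and it assumes unquoted secrets without whitespace.

```shell
#!/bin/bash
# Added example: audit a pppd chap-secrets file
# (format from Step-8: client server secret IP-addresses).
# MIN_LEN is an assumed policy threshold, not something the guide specifies.
MIN_LEN=12

audit_chap_secrets() {
    local file=$1
    # Secrets are stored in clear text, so group/other must have no access.
    case $(ls -ld "$file" | cut -c5-10) in
        ------) ;;
        *) echo "PERMS: $file is accessible to group/other (chmod 600)" ;;
    esac
    # Findings never echo the secret itself, only the line and client name.
    awk -v min="$MIN_LEN" '
        /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
        NF < 3 { print "MALFORMED: line " NR; next } # need client, server, secret
        $1 == "test-user" || $3 == "test-password" {
            print "PLACEHOLDER: line " NR " still uses the sample credentials" }
        length($3) < min {
            print "SHORT: line " NR " secret for " $1 " is under " min " chars" }
        $4 == "*" { print "ANYIP: line " NR " lets " $1 " use any IP address" }
    ' "$file"
}

# Constructed sample input (not taken from a real server).
make_sample() {
    local f
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# Secrets for authentication using CHAP
# client server secret IP addresses
test-user * test-password *
alice pptpd Vq7-rT2m_Lx9-Ke4 10.10.11.20
bob pptpd hunter2 10.10.11.21
EOF
    chmod 644 "$f"
    echo "$f"
}

sample=$(make_sample)
audit_chap_secrets "$sample"
rm -f "$sample"
```

On a server, call audit_chap_secrets /etc/ppp/chap-secrets as root; no output means no findings.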
Step-9 Start the Server
Start the pptpd service
service pptpd start
Step-10 Configure the Client