Pptpd Setup for Eveonline
From Federal Burro of Information
vpn for fun and profit
pptp server:
- AWS linux box.
- ubuntu 18
- t2.micro ( 10$ / month - but I destroy it when I'm not useing it. )
- terraform to automate the up / down / config of the AWS resources, including a DNS record
client:
- windows 10
user-data:
#!/bin/bash
# inspiration
# ref https://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/
apt-get -y install pptpd
cat << EOA > /etc/pptpd.conf
localip 10.10.23.1
remoteip 10.10.23.120-140
debug
EOA
cat << EOF > /etc/ppp/pptpd-options
ms-dns 10.10.23.1
nobsdcomp
noipx
mtu 1490
mru 1490
debug
EOF
cat << EOD > /etc/ppp/chap-secrets
user * password *
EOD
cat << CATS >> /etc/ppp/options
asyncmap 0
auth
crtscts
debug
dump
lock
hide-password
modem
lcp-echo-interval 30
lcp-echo-failure 4
noipx
+mschap-v2
nodefaultroute
CATS
/bin/systemctl restart pptpd.service
cat << EOH > /etc/sysctl.d/10-forwarding.conf
net.ipv4.ip_forward=1
EOH
sysctl -p
echo "*.debug -/var/log/debug.log" >> /etc/rsyslog.d/50-default.conf
/bin/systemctl restart rsyslog.service
IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- I chose 10.10.23.0/24 arbitrarily, you can choose what ever cidr you want.
- I added debug to pptpd config and pppd config for make great log files.
- +mschap-v2 is non default and required for windows 10.
- change user and password in chap-secrets to something secure.
Setup the pptp connection on the windows server:
Note that setting "nodefaultroute" in the pppd options file has no effect as the windows client controls this. Change the settings on the connection adpater's properties. uncheck "Use default gateway on remote network"
once the link is up add a route to eve manually. run cmd as admin and do this:
netstat -rn
Look for the interface id of you ppp connection, then use the route add command here:
route add 87.237.34.200 mask 255.255.255.255 0.0.0.0 IF XX
87.237.34.200 tranquility.servers.eveonline.com
