Setting up PPTPD on Linux

I used to have a VPN on Linux. It was running PPTPD on CentOS 5 on OpenVZ. It used to work fine, but last week I found it didn't work any more. I checked the configuration and the iptables rules and didn't find anything wrong. I also contacted the VPS vendor and couldn't solve the issue. In the end I reinstalled the OS and started everything from scratch. When I went on to set up the new server, I found the possible reasons why it hadn't worked before.

I first set up PPTPD with the standard steps, similar to this link. I connected to it from my iPhone and it worked. What didn't work was opening web pages, and pinging external IPs didn't work either. I sent an email to the vendor asking them to look into the iptables issues and went on to other settings. I added "ALL:ALL" to /etc/hosts.deny and "sshd:ALL" to /etc/hosts.allow. I changed PAM (/etc/pam.d/system-auth). I also modified iptables with the aim of making it more secure. After doing this, I found that it didn't work again. It looked just like what I had encountered before. I looked at the log. There was only the message from when PPTPD started; nothing else was there. I believed some of the settings had broken it. Then I rolled back the settings and it worked. I made one change at a time and tested whether everything was fine. And I found:
1. "ALL:ALL" in /etc/hosts.deny breaks PPTPD. I believe it is also the reason why I couldn't connect and had to reinstall the OS. I added a line "pptpd:ALL" to /etc/hosts.allow and it worked.
2. PAM may also break the authentication. I made the change according to this link, and the iPhone failed to connect to the VPN. I also looked at the log. It showed that PPTPD received requests.
3. The name of the network card. The name should be venet0, but I used eth0 in all iptables settings. That is why I couldn't open web pages or ping any IPs.
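
Two checks that cover findings 1 and 3, as an added example that is not part of the original post: one evaluates /etc/hosts.allow and /etc/hosts.deny for a daemon in TCP wrappers order, the other lists interface names used in iptables rules that do not exist on the host. The function names, the sample file contents and the 192.168.0.0/24 subnet are constructed for illustration, and only the daemon list of each wrappers rule is evaluated (the client list is assumed to match).

```shell
#!/bin/sh
# Added example; sample files below are constructed, not from the post.

# daemon_listed DAEMON FILE: true if DAEMON or ALL is in a rule's daemon list.
# Assumption: the client list (after the colon) is treated as matching.
daemon_listed() {
    awk -F: -v d="$1" '
        /^[ \t]*#/ || NF < 2 { next }
        { n = split($1, names, /[ \t,]+/)
          for (i = 1; i <= n; i++)
              if (names[i] == d || names[i] == "ALL") found = 1 }
        END { exit !found }' "$2"
}

# wrappers_verdict DAEMON ALLOW DENY: TCP wrappers order of evaluation:
# a hosts.allow match grants, else a hosts.deny match refuses, else granted.
wrappers_verdict() {
    if daemon_listed "$1" "$2"; then echo allow
    elif daemon_listed "$1" "$3"; then echo deny
    else echo allow
    fi
}

# unknown_ifaces RULES IFACE...: print -i/-o interface names in the rules
# that are not among the IFACEs present. Wildcards such as ppp+ are skipped.
unknown_ifaces() {
    rules=$1; shift
    awk -v present=" $* " '
        { for (i = 1; i < NF; i++) {
              if ($i != "-i" && $i != "-o") continue
              name = ($(i+1) == "!") ? $(i+2) : $(i+1)
              if (name !~ /\+$/ && index(present, " " name " ") == 0) bad[name] = 1 } }
        END { for (b in bad) print b }' "$rules" | sort
}

# Constructed sample: the hardened state from the post, before the fixes.
SAMPLE=$(mktemp -d)
printf 'ALL:ALL\n' > "$SAMPLE/hosts.deny"
printf 'sshd:ALL\n' > "$SAMPLE/hosts.allow"
printf 'sshd:ALL\npptpd:ALL\n' > "$SAMPLE/hosts.allow.fixed"
cat > "$SAMPLE/rules" <<'EOF'
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
-A FORWARD -i ppp+ -o eth0 -j ACCEPT
EOF

echo "pptpd before fix: $(wrappers_verdict pptpd "$SAMPLE/hosts.allow" "$SAMPLE/hosts.deny")"
echo "pptpd after fix:  $(wrappers_verdict pptpd "$SAMPLE/hosts.allow.fixed" "$SAMPLE/hosts.deny")"
echo "rules name missing interfaces: $(unknown_ifaces "$SAMPLE/rules" lo venet0)"
```

On a real host, pass the actual files and the names under /sys/class/net, for example `unknown_ifaces rules.txt $(ls /sys/class/net)` with `rules.txt` holding saved `iptables-save` output.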

