Introduction: Setup a VPN for Your IPhone/iPad or Computer
The great thing about a netbook or an iPhone is that you can connect to the internet from anywhere, the bad thing is that most of this traffic is unencrypted. This unencrypted traffic is open to all the hackers, and all the web admins in the world. Luckily, there is a tool to counter this, every one of these devices can connect to a VPN, allowing encrypted traffic between your mobile device and your home network.
Step 1: Installing and Setting Up PPTPD on Ubuntu Server
ssh into your server, and install the package pptpd on your ubuntu server or desktop
sudo apt-get install pptpd
Next it's time to configure your settings on your pptpd server with the file '''/etc/pptpd.conf'''
sudo nano /etc/pptpd.conf
Find the bottom lines that say
#localip 192.168.0.100
#remoteip 192.168.0.290
or something like that. We need to uncomment these lines, and change the ip addresses so they look something like this
localip local_ip_address_of_my_server
remoteip ip_range_to_assign_to_clients
The localip should be the address your router assigns to your server (make sure that your server receives a static ip), while the remoteip should be a range within your routers assignment range, but out of the normal assignment range
i.e. my local ip is 192.168.0.100 whereas my router assigns ip addresses between the ranges of 192.168.0.1-101, so i would set up my configuration like
localip 192.168.0.100
remoteip 192.168.0.102-202
the remote ip is outside of my routers normal range, but still within the total range.
sudo apt-get install pptpd
Next it's time to configure your settings on your pptpd server with the file '''/etc/pptpd.conf'''
sudo nano /etc/pptpd.conf
Find the bottom lines that say
#localip 192.168.0.100
#remoteip 192.168.0.290
or something like that. We need to uncomment these lines, and change the ip addresses so they look something like this
localip local_ip_address_of_my_server
remoteip ip_range_to_assign_to_clients
The localip should be the address your router assigns to your server (make sure that your server receives a static ip), while the remoteip should be a range within your routers assignment range, but out of the normal assignment range
i.e. my local ip is 192.168.0.100 whereas my router assigns ip addresses between the ranges of 192.168.0.1-101, so i would set up my configuration like
localip 192.168.0.100
remoteip 192.168.0.102-202
the remote ip is outside of my routers normal range, but still within the total range.
Step 2: Find Your DNS
Now we need to find your DNS in order to enable internet traffic for your connected device. In order to find your DNS in ubuntu server, open the name server file.
sudo nano /etc/resolv.conf
You should see an ip address there, write it down. Now we need to let pptpd use that DNS. Edit the file pptpd-options
sudo nano /etc/ppp/pptpd-options
and find the lines
#ms-dns 10.0.0.1
#ms-dns 10.0.0.1
uncomment these lines, and replace the ip 10.0.0.1 with the ip address you wrote down earlier so it should look something like
ms-dns 192.168.0.1
ms-dns 192.168.0.1
sudo nano /etc/resolv.conf
You should see an ip address there, write it down. Now we need to let pptpd use that DNS. Edit the file pptpd-options
sudo nano /etc/ppp/pptpd-options
and find the lines
#ms-dns 10.0.0.1
#ms-dns 10.0.0.1
uncomment these lines, and replace the ip 10.0.0.1 with the ip address you wrote down earlier so it should look something like
ms-dns 192.168.0.1
ms-dns 192.168.0.1
Step 3: Adding Users to Your Server
Now we need to add users to your VPN server. To add them, we need to edit the file /etc/ppp/chap-secrets
sudo nano /etc/ppp/chap-secrets
Scroll to the bottom and add the lines
user pptpd passwd *
You can add any user this way, replacing the user with you desired username, and passwd with your desired password, the * allows you to access your user from any ip. Now we need to restart the server
sudo /etc/init.d/pptpd restart
sudo nano /etc/ppp/chap-secrets
Scroll to the bottom and add the lines
user pptpd passwd *
You can add any user this way, replacing the user with you desired username, and passwd with your desired password, the * allows you to access your user from any ip. Now we need to restart the server
sudo /etc/init.d/pptpd restart
Step 4: Enable the Routing Services
Now we need to allow the device to access the VPN through a forwarded service by editing the /etc/sysctl.conf file
sudo nano /etc/sysctl.conf
Find the line which contains #net.ipv4.ip_forward=1 and change it to look like
net.ipv4.ip_forward=1
save it and exit. Verify it's configured correctly by typing
sudo sysctl -p
sudo nano /etc/sysctl.conf
Find the line which contains #net.ipv4.ip_forward=1 and change it to look like
net.ipv4.ip_forward=1
save it and exit. Verify it's configured correctly by typing
sudo sysctl -p
Step 5: Forwarding the Port
To allow the server to forward the port, type the command
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
This allows your server to connect to the VPN clients using the iptables program. This command does not run on startup, so I suggest using the file supplied to create a startup script. First you must create your own script
i.e.
#/bin/bash
sudo iptables -t nat -A POSTROUTING -o ethX -j MASQUERADE
save it in your / folder under the name vpn.sh, make it executable with the command
sudo chmod +x vpn.sh
then place my startup script in your /etc/rc.local/ folder
sudo iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
This allows your server to connect to the VPN clients using the iptables program. This command does not run on startup, so I suggest using the file supplied to create a startup script. First you must create your own script
i.e.
#/bin/bash
sudo iptables -t nat -A POSTROUTING -o ethX -j MASQUERADE
save it in your / folder under the name vpn.sh, make it executable with the command
sudo chmod +x vpn.sh
then place my startup script in your /etc/rc.local/ folder
Step 6: Connecting the IPhone/Device
Go onto your iphone, and go to
Settings -> Gerneral -> Network -> VPN
and insert all your desired settings, then connect. For other devices, just google to find a way to connect to the VPN. Now all your network information is encrypted. Happy browsing!
Settings -> Gerneral -> Network -> VPN
and insert all your desired settings, then connect. For other devices, just google to find a way to connect to the VPN. Now all your network information is encrypted. Happy browsing!