Troubleshoot - by Hostrare
PPTP
A very primary VPN protocol based on PPP. PPTP was the greatest VPN protocol established on the Microsoft Windows platform. The PPTP designation does not specify encryption or authentication highlights and relies on the PPP protocol being tunneled to achieve protection functionality.
L2TP/IPSec
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol achieved to support virtual private network (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself; it relies on an encryption protocol that it moves within the tunnel to provide privacy.
OpenVPN
OpenVPN is an open-source software application that realizes virtual private network (VPN) procedures for generating protected point-to-point or site-to-site contacts in routed or bridged configurations and remote access facilities. It utilizes a custom protection protocol[2] that utilizes SSL/TLS for key exchange. It is capable of crossing network address translators (NATs) and firewalls.
Please refer the following article about PPTP vs L2TP vs OpenVPN.
http://www.ivpn.net/knowledgebase/62/PPTP-vs-L2TP-vs-OpenVPN.html
Install ppp & pptpd on your cpanel server.
ppp and poptop should be need to install the VPN server.
yum install ppp
Goto http://poptop.sourceforge.net/yum/stable/ and download pptpd rpm as per your OS architecture.
wget http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/pptpd-1.3.4-2.el6.x86_64.rpmrpm -ivh pptpd-1.3.4-2.el6.x86_64.rpm
Open your pptpd.conf configuration file after installation completed.
vi /etc/pptpd.conf
End of the file add the following entries
localip 10.22.222.1remoteip 10.22.222.22-122
Local IP will be assigned to the ppp interface, and the Remote IP range is the range of IPs that will be assigned to VPN clients.
Next open the /etc/ppp/options.pptpd file
vi /etc/ppp/options.pptpd
Go to the ms-dns lines, add google DNS or your ISPs DNS servers.
ms-dns 8.8.8.8ms-dns 8.8.4.4
open the file /etc/ppp/chap-secrets to add some users
client server secret IP addressesvpnuser1 pptpd randompass1 *vpnuser2 pptpd randompass2 *
Change vpnuserX and randompassX to anything you like. Also if your clients have a static IP you can enter it instead of the * so that the particular VPN user will only be able to login from the specified IP.
Enable IP forwarding
open /etc/sysctl.conf
net.ipv4.ip_forward. Set it to 1
Firewall
Update the following configuration in your CSF firewall /etc/csf.
vi csfpre.sh
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPTiptables -A INPUT -i eth0 -p gre -j ACCEPTiptables -A OUTPUT -p gre -j ACCEPTiptables -t nat -A POSTROUTING -o eth0 -j MASQUERADEiptables -A FORWARD -i ppp0 -o eth0 -j ACCEPTiptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
vi csfpost.sh
service pptpd stopservice pptpd start
Restart CSF firewall.
csf -r
Thants all….
our suuport team here for you 24/7
+8801977507015support@hostrare.comsend a leter Whether you are looking for a personal website hosting plan or a business website hosting plan, We are the perfect solution for you. Our powerful website hosting services will not only help you achieve your overall website goals, but will also provide you with the confidence you need in knowing that you are partnered with a reliable and secure website hosting platform.