A Virtual Private Network (VPN) is the most effective way to bypass access controls, censorship, and network spying. It is also a safe way to connect to the internet and protect your privacy, and it is usually better than using a web proxy.
For example, when you are on a business visit to Asia, you will very likely be unable to access your Hulu Plus content or Amazon Prime unless you use a VPN connection to a server located in the US. The reason is that Hulu and Amazon are only allowed to stream videos in the US under their license agreements with copyright holders.
Of course, there are many VPN providers. But if you want full control, or want to share the VPN with your buddies, you can get a server and install it yourself.
There are three main types of VPN servers: Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP) and OpenVPN. In this tutorial, we use PPTP because it is supported natively on almost all devices: Windows, Linux, Android, iOS and Mac OS.
Step 1. Install PPTPD
If your OS is CentOS/RedHat 5:
# yum install ppp
# cd /usr/local/src
# wget http://poptop.sourceforge.net/yum/stable/packages/ppp-2.4.4-14.1.rhel5.x86_64.rpm
# rpm -Uhv ppp-2.4.4-14.1.rhel5.x86_64.rpm
If your OS is CentOS/RedHat 6:
# yum install ppp
# cd /usr/local/src
# wget http://poptop.sourceforge.net/yum/stable/packages/ppp-2.4.5-33.0.rhel6.x86_64.rpm
# rpm -Uhv ppp-2.4.5-33.0.rhel6.x86_64.rpm
If you are using Ubuntu:
# apt-get install pptpd
Step 2. Edit IP settings in /etc/pptpd.conf
# vim /etc/pptpd.conf
localip 192.168.0.1
remoteip 192.168.0.101-200
Step 3. Add user accounts in /etc/ppp/chap-secrets (assign a username and password to each)
# vim /etc/ppp/chap-secrets
usernameForuser1 * setpassword1here *
usernameForuser2 * setpassword2here *
Step 4. Optional settings in /etc/ppp/options.pptpd
# vim /etc/ppp/options.pptpd
ms-dns 8.8.8.8
ms-dns 8.8.4.4
Step 5. Enable network forwarding in /etc/sysctl.conf
# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
Use the following command to apply the change:
# sysctl -p
Step 6. Configure firewall
# iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
# iptables -A INPUT -i eth0 -p gre -j ACCEPT
# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
# iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
# service iptables save
# service iptables restart
Step 7. Start PPTP VPN server
If your OS is CentOS or RedHat, use the following command:
# service pptpd restart
To start the PPTP daemon automatically on the next reboot, use the command:
# chkconfig pptpd on
If your OS is Ubuntu, just reboot your machine.
Now you can test the VPN server from any client: Windows PCs, Linux PCs, Android phones/tablets, or iPhone and iPad.
By default, the VPN server's log is combined with the system log at /var/log/messages.
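Before handing out accounts, it is worth checking the files edited in Steps 3 and 4: chap-secrets stores passwords in clear text, and the PPP options file decides whether weaker authentication or unencrypted links are accepted. The script below is an added example, not part of the original tutorial; the function names audit_pptpd and make_sample and the 12-character minimum are assumptions made for illustration, while the option names are standard pppd options.

```shell
#!/bin/sh
# Added example: audit the files edited in Steps 3 and 4.
# Usage: audit_pptpd CHAP_SECRETS OPTIONS_FILE
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_pptpd() {
    secrets=$1; options=$2; findings=0

    # chap-secrets holds clear-text passwords: no group/other permission bits.
    perms=$(ls -ld "$secrets" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "chap-secrets is accessible to group/other ($perms)"
        findings=$((findings + 1))
    fi

    # Fields: client server secret allowed-IP. The 12-character minimum
    # is an assumed local policy, not a pptpd requirement.
    for user in $(awk 'NF >= 3 && $1 !~ /^#/ && length($3) < 12 { print $1 }' "$secrets"); do
        echo "account $user has a secret shorter than 12 characters"
        findings=$((findings + 1))
    done

    # pppd options that refuse weaker authentication and unencrypted links.
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        if ! grep -Eq "^[[:space:]]*$opt([[:space:]]|\$)" "$options"; then
            echo "options file is missing $opt"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ]
}

# Constructed sample files (not from a real server) for trying the audit.
make_sample() {
    dir=$1
    printf '%s\n' '# client server secret IP' 'alice * hunter2 *' \
        'bob * correct-horse-battery *' > "$dir/chap-secrets"
    chmod 644 "$dir/chap-secrets"
    printf '%s\n' 'ms-dns 8.8.8.8' 'refuse-pap' 'refuse-chap' \
        '#refuse-mschap' 'require-mschap-v2' > "$dir/options.pptpd"
}

# With two arguments, audit the real files, e.g.
#   sh audit.sh /etc/ppp/chap-secrets /etc/ppp/options.pptpd
if [ $# -eq 2 ]; then audit_pptpd "$1" "$2"; fi
```

Each finding is fixed in the file it names: chmod 600 on chap-secrets, a longer secret for the flagged account, or the missing option added to /etc/ppp/options.pptpd, followed by a restart of pptpd.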