EdgeRouter - PPTP VPN Server
Overview
Readers will learn how to configure the EdgeRouter as a PPTP (Point-to-Point Tunneling Protocol) server.
Table of Contents
Configuring the PPTP Server
The EdgeRouter PPTP VPN server provides access to the LAN (192.168.1.0/24) for authenticated PPTP clients.
1. Enter configuration mode.
configure
2. Add firewall rules for the PPTP traffic to the local firewall policy.
set firewall name WAN_LOCAL rule 30 action accept
set firewall name WAN_LOCAL rule 30 description PPTP
set firewall name WAN_LOCAL rule 30 destination port 1723
set firewall name WAN_LOCAL rule 30 protocol tcp
3. Configure the server authentication settings, in this example we are using local authentication.
set vpn pptp remote-access authentication mode local
set vpn pptp remote-access authentication local-users username <username> password <secret>
Use RADIUS instead of local authentication.
set vpn pptp remote-access authentication mode radius
set vpn pptp remote-access authentication radius-server <address> key <secret>
4. Define the IP address pool that will be used by the VPN clients.
set vpn pptp remote-access client-ip-pool start 192.168.100.240
set vpn pptp remote-access client-ip-pool stop 192.168.100.249
5. Define the DNS server(s) that will be used by the VPN clients.
set vpn pptp remote-access dns-servers server-1 <address>
set vpn pptp remote-access dns-servers server-2 <address>
6. Define the WAN interface which will receive PPTP requests from clients. Configure only one of the following statements:
Your WAN interface receives an address through DHCP. set vpn pptp remote-access dhcp-interface eth0 |
Your WAN interface is configured with a static address. set vpn pptp remote-access outside-address <wan-address> |
Your WAN interface receives an address through PPPoE. set vpn pptp remote-access outside-address 0.0.0.0 |
7. Lower the MTU for PPTP traffic.
set vpn pptp remote-access mtu <value>
8. Commit the changes and save the configuration.
commit ; save
Setting up the PPTP Client
Windows Client
In this section, we are using a Windows 10 machine as the PPTP client.
1. Add a new VPN connection.
Settings > Network & Internet > VPN > Add a VPN connection
VPN Provider: Windows (built-in)
Connection name: PPTP
Server name: 203.0.113.1
VPN Type: Point to Point Tunneling Protocol (PPTP)
Type of sign-in info: User name and password
User name: <username>
Password: <secret>
2. Navigate to the Windows 10 Network connections.
Settings > Network & Internet > Status > Change Adapter Options > PPTP Adapter properties
Security > Allow these protocols > Microsoft CHAP Version 2 (MS-CHAP v2)
Related Articles
EdgeRouter - L2TP IPsec VPN Server
Intro to Networking - How to Establish a Connection Using SSH