The easiest way to build your own VPN server

17 Jun
Posted on Author admin

The easiest way to build your own VPN server

Posted by 
March 13, 2012

Some people suggest that maybe you should try to build your own vpn server yourself! Indeed it’s not rocket science but still it needs someone to show you the rope. I am not going to be very detailed in each step but you can research them separately.

http://dallascao.com/en/the-easiest-way-to-build-your-own-vpn-server/

Step one: First get a VPS

get a Linux VPS. A VPS is shortened for Virtual Private Server. It’s not a whole machine (too costly!) but one portion of a machine. A 256 Ram VPS is about 60-90 USD a year and that’s all you have to pay. And if you manage to sell your VPN accounts, you can even make profits!

Recommended provider: http://www.enzu.com/account/aff.php?aff=184

You need to get a VPS with linux Centos (other systems will work but I only know centOS) installed. After purchasing you will get an IP for your VPS, and a SSH (never mind those terms. Nobody knows what they are) account.

One thing to remember though. You VPS has to be using Xen (again never mind these terms. Just look for Xen VPS) not openVZ. openVZ is a lot cheaper but it won’t work.

Step two: install PPTP server application on your VPS

Use Putty (software name) to log on to your remote VPS using the IP and SSH account provided. And you get a DOS like black Window with a command line like this:

Type at the command line:

wget https://breakwall.net/promo/pptpd.sh

And press enter
Then type at the command line:

bash pptpd.sh

to run the script.

PPTP server application will be installed on your VPS. At the end of the installation, the script will create an VPN account for you (a username and a password).

That’s it. You now get your own VPN account on your own server! Now you can use the username and password and the IP of your server to log on. Of course you will need to do a simple set up on your Windows or iPad or Android phone like with a VPN account you get from a VPN service provider.

Step three: sell your VPN accounts!

I am just kidding. It takes a lot more to run a VPN business. But soon you will want to impress your friends by creating an VPN account on your server for them too!

It’s easy to add VPN accounts. Just edit a file “/etc/ppp/chap-secrets” on your folder. Wait.. how do you do that? You easiest way for people who are unfamiliar with linux is perhaps using FTP!

1. Download and install FileZilla (FTP client software).
2. Click “site manager” (the first button on the tool bar) and click add site
For Host field: type your server IP.
For Protocol: choose SFTP
For Login type: choose General
Then input your SSH account (not your VPN account!,the one that you VPS provider gives you) . The user name is usually “root”.
3. Click “Connect” and then you open your sever.
Go to /etc/ppp/ and then download the file “chap-secrets”. Edit that file with notepad and add a line:

newaccountname pptpd password *

4. Save the file and upload to the server to replace the old file.

Last but not least, you need to use you SSH account to log on your server command line using Putty again (like in step two) and then type:

service pptpd restart

For your new account to take effect.

 

 

  • make the following changes to get it to work on my vps, using webmin

require  authentication – Always

chap authentication – Must be Used

  •  Also had to do the following
nano -w /etc/sysctl.conf

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

Finally, apply our new sysctl settings. Start the server and assure that it starts automatically on boot:

sysctl -p
then restart pptg

for ipsec/l2tp vpn

/ppp profile
add change-tcp-mss=yes dns-server=192.168.101.1 local-address=192.168.101.1 name=VPN_server_profile \
remote-address=vpn_pool_pokus

/ppp secret
add name=ppp_secret password=ppp_pass profile=VPN_server_profile service=l2tp

/ip ipsec peer
add exchange-mode=main-l2tp generate-policy=port-override hash-algorithm=sha1 my-id-user-fqdn=myrouter.mydomain.cz \
nat-traversal=yes secret=VPN_secret

/ip firewall filter
add chain=input protocol=icmp
add chain=input connection-state=established
add chain=input connection-state=related
add chain=input protocol=ipsec-esp
add chain=input protocol=gre
add chain=input comment=”L2TP VPN” dst-port=500,4500,1701 protocol=udp src-port=””
add action=drop chain=input in-interface=wan
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan