Skip to end of metadata
Go to start of metadata

CentOS provides an PPTP solutions in the repository, 

STEP 1. Install PPTP

sudo yum update
sudo yum -y install pptp
sudo modprobe nf_conntrack_pptp
sudo modprobe ppp_mppe

STEP 2. Run sudo vi /etc/ppp/chap-secrets to edit the chap-secret file as shown below:

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
vpnusername PPTP vpnpassword *

Note that you should put space or tab between elements listed above.

STEP 3. Run sudo vi /etc/ppp/peers/linuxconfig and enter the following information. You can create your own name whatever instead of linuxconfig.

pty "pptp -nolaunchpppd"
name yourVPNusername
remotename PPTP
file /etc/ppp/options.pptp
ipparam linuxconfig

STEP 4. Run sudo vi /etc/ppp/options.pptp to be sure there is no # sign before these lines.


STEP 5. Run sudo vi /etc/ppp/ip-up.local and add the following line. By doing so, it will set the default to ppp0.

/sbin/route add default ppp0

In order to execute the file, run

sudo chmod 755 /etc/ppp/ip-up.local

STEP 6. Allow pptp to your firewall policy

firewall-cmd --permanent --zone=public --add-port=1723/tcp
firewall-cmd --permanent --zone=public --add-port=1723/udp
firewall-cmd --reload

STEP 6. Connect to the VPN by running

sudo pppd call linuxconfig

STEP 7. How do I check the accuracy of your VPN IP and location?


If there is no change, please check your network interface by ifconfig - for example) ppp0 with the assigned IP address

STEP 8. How to disconnect the VPN

sudo pkill pppd

STEP 9. Trouble shooting

If you are unable to connect, please check your connection logs by running

sudo cat /var/log/messages | grep pppd

If you use firewalld with pptp, you will need to call following commands to add rules to firewalld

sudo firewall-cmd --permanent --zone=public --direct --add-rule ipv4 filter INPUT 0 -p gre -j ACCEPT
sudo firewall-cmd --permanent --zone=public --direct --add-rule ipv6 filter INPUT 0 -p gre -j ACCEPT
sudo firewall-cmd --permanent --zone=public --add-masquerade
sudo firewall-cmd --reload