February 19, 2021 17:28
Yes. The protocol itself is no longer secure, as cracking the initial MS-CHAPv2 authentication can be reduced to the difficulty of cracking a single DES 56-bit key, which with current computers can be brute-forced in a very short time (making a strong password largely irrelevant to the security of PPTP as the entire 56-bit keyspace can be searched within practical time constraints).
Really. Take that seriously. PPTP should not be used anywhere except inside secured, isolated and local environments anymore!
Install it with:
sudo apt install pptpd
Create a new config in
localip 10.8.0.1 remoteip 10.8.0.200-220
Add the users and passwords
# Secrets for authentication using CHAP # client server secret IP addresses #vpnuser * pass123 * client1 pptpd very_secure_password 10.8.0.2 client2 pptpd very_secure_password 10.8.0.3
And add the upstream DNS servers in
ms-dns 220.127.116.11 ms-dns 18.104.22.168
Need some more logs?
sudo tail -f /var/log/messages
And finally activate the service:
sudo systemctl enable pptpd sudo systemctl start pptpd