I have been using VPN servers as part of my day-to-day job for years. It is what lead me to starting a VPN review site. One of the issues I have found is that sometimes you need a VPN server but none of the providers seem to support your country. I have this often coming from South Africa. Very few VPN providers seem to support South Africa. I have a very simple script which you can use to set up your own private VPN server. Just think, your own PPTP server without everyone downloading torrents on it making it terribly slow to use.
For this example, I will be using Host1Plus who offer unbelievable cheap VPS’s in various locations which make them an ideal choice. For this example I will be using the Amber package, Joburg (South Africa) location and Ubuntu 14.04. If you take the 6 month subscription it works out to $16 or $2.70pm. That is a STEAL!
Now that you have the server purchased and ready to rock and roll, you will then need the following script which will install the VPN for you in 1 go. I say VPN in one click, but thats not quite true. As we’re using bash it is a few more keystrokes and a few less mouse clicks 🙂
That is pretty much it. From here you can use your favourite VPN client to connect. When using Windows, you can use the built in VPN client. On Mac, I prefer to use a tool like Shimo VPN which allows PPTP which Mac OSX Sierra decided to drop support for (grump!).
#!/bin/sh # Setup Simple PPTP VPN server for Ubuntu and Debian # Copyright (C) 2015-2016 Danyl Zhang <[email protected]> and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. printhelp() { echo " Usage: sh setup.sh [OPTION] If you are using custom password , Make sure its more than 8 characters. Otherwise it will generate random password for you. If you trying set password only. It will generate Default user with Random password. example: sudo bash setup.sh -u vpn -p mypass Use without parameter [ sudo bash setup.sh ] to use default username and Random password -u, --username Enter the Username -p, --password Enter the Password " } while [ "$1" != "" ]; do case "$1" in -u | --username ) NAME=$2; shift 2 ;; -p | --password ) PASS=$2; shift 2 ;; -h | --help ) echo "$(printhelp)"; exit; shift; break ;; esac done if [ `id -u` -ne 0 ] then echo "Need root, try with sudo" exit 0 fi apt-get update apt-get -y install net-tools apt-get -y install pptpd || { echo "Could not install pptpd" exit 1 } echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf sed -i '[email protected]_syncookies.*@#net.ipv4.tcp_syncookies = [email protected]' /etc/sysctl.conf sysctl -p ETH=`route | grep default | awk '{print $NF}'` iptables -I INPUT -p tcp --dport 1723 -j ACCEPT iptables -I INPUT --protocol 47 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -d 0.0.0.0/0 -o $ETH -j MASQUERADE iptables -I FORWARD -s 192.168.2.0/24 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356 service iptables save service iptables restart #no liI10oO chars in password LEN=$(echo ${#PASS}) if [ -z "$PASS" ] || [ $LEN -lt 8 ] || [ -z "$NAME" ] then P1=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3` P2=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3` P3=`cat /dev/urandom | tr -cd abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789 | head -c 3` PASS="$P1-$P2-$P3" fi if [ -z "$NAME" ] then NAME="vpn" fi cat >> /etc/ppp/chap-secrets <<END $NAME pptpd $PASS * END cat >/etc/pptpd.conf <<END option /etc/ppp/options.pptpd #logwtmp localip 192.168.2.1 remoteip 192.168.2.10-100 END cat >/etc/ppp/options.pptpd <<END name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 ms-dns 8.8.8.8 ms-dns 209.244.0.3 proxyarp lock nobsdcomp novj novjccomp nologfd END apt-get -y install wget || { echo "Could not install wget, required to retrieve your IP address." exit 1 } #find out external ip IP=`wget -q -O - http://api.ipify.org` if [ "x$IP" = "x" ] then echo "============================================================" echo " !!! COULD NOT DETECT SERVER EXTERNAL IP ADDRESS !!!" else echo "============================================================" echo -e "You can now connect to your VPN via your external IP \033[32m${IP}\033[0m" fi echo -e "Username: \033[32m${NAME}\033[0m" echo -e "Password: \033[32m${PASS}\033[0m" sleep 2 service pptpd restart exit 0
The above code assumes that you are running Ubuntu server and have iptables running as a ‘service’ and have the /etc/init.d script in place.
Steps
[[email protected]_vpn ~]# vim pptp.sh
Now paste the contents above into the file.
[[email protected]_vpn ~]# chmod +x pptp.sh
This will make the file executable. Now that this is done you can now ‘setup’ your VPN.
-- snipping all the output -- Reading package lists... Done Building dependency tree Reading state information... Done wget is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. ============================================================ -e You can now connect to your VPN via your external IP 127.0.0.1 #changed IP but this will show your IP -e Username: A_User_Name -e Password: yourPassword
Now your new VPN server is ready to go. Enjoy
If you found this useful, please consider using my referal link for Host1Plus as a way to say thank you.
There are no comments yet, add one below.