I've installed pptpd on ubuntu 18.04 and I can connect to vpn with android and windows client but I have no internet access while the server has full internet access. In pptpd log I noticed the error "Cannot determine ethernet address for proxy ARP".
I've changed the dns in /etc/ppp/options.pptpd as below:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
I've also created users in /etc/ppp/chap-secrets and clients can connect without problem (but with no internet access.)
I've also enabled IP forwarding in /etc/sysctl.conf
net.ipv4.ip_forward = 1
and execute this command:
sudo sysctl -p
I changed local and remote IPs in /etc/pptpd.conf as below:
localip 10.0.0.1
remoteip 10.0.0.100-200
And I also tried:
localip 192.168.0.1
remoteip 192.168.0.100-200
I configured firewall for IP masquerading:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
This is the ifconfig result:
photon@ubuntu1804:~$ ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 162.223.91.163 netmask 255.255.255.192 broadcast 162.223.91.191
inet6 fe80::250:56ff:fe94:32d0 prefixlen 64 scopeid 0x20<link>
ether 00:50:56:94:32:d0 txqueuelen 1000 (Ethernet)
RX packets 543184 bytes 41817268 (41.8 MB)
RX errors 0 dropped 566 overruns 0 frame 0
TX packets 50407 bytes 6441592 (6.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 122 bytes 10010 (10.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 122 bytes 10010 (10.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
And this is the pptpd status:
photon@ubuntu1804:~$ sudo systemctl status pptpd
● pptpd.service - PoPToP Point to Point Tunneling Server
Loaded: loaded (/lib/systemd/system/pptpd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2021-05-23 07:31:03 +0430; 20s ago
Docs: man:pptpd(8)
man:pptpctrl(8)
man:pptpd.conf(5)
Main PID: 6466 (pptpd)
Tasks: 3 (limit: 1107)
CGroup: /system.slice/pptpd.service
├─6466 /usr/sbin/pptpd --fg
├─6475 pptpd [5.119.181.36:478E - 0000]
└─6479 /usr/sbin/pppd local file /etc/ppp/pptpd-options 115200 10.0.0.1:10.0.0.100 ipparam 5.119.181.36 plugin /usr/lib/pptpd/pptpd-logw
May 23 07:31:12 ubuntu1804 pptpd[6475]: CTRL: Starting call (launching pppd, opening GRE)
May 23 07:31:12 ubuntu1804 pppd[6479]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
May 23 07:31:12 ubuntu1804 pppd[6479]: pppd 2.4.7 started by root, uid 0
May 23 07:31:12 ubuntu1804 pppd[6479]: Using interface ppp0
May 23 07:31:12 ubuntu1804 pppd[6479]: Connect: ppp0 <--> /dev/pts/1
May 23 07:31:13 ubuntu1804 pppd[6479]: peer from calling number 5.119.181.36 authorized
May 23 07:31:13 ubuntu1804 pppd[6479]: MPPE 128-bit stateless compression enabled
May 23 07:31:14 ubuntu1804 pppd[6479]: Cannot determine ethernet address for proxy ARP
May 23 07:31:14 ubuntu1804 pppd[6479]: local IP address 10.0.0.1
May 23 07:31:14 ubuntu1804 pppd[6479]: remote IP address 10.0.0.100
After trying many solutions finally I found the answer. My ethernet interface called ens160 so for IP masquerading I should use this:
sudo iptables -t nat -A POSTROUTING -o ens160 -j MASQUERADE