KeeneticOS PPTP VPN server

If you own this router then you might be interested how to setup VPN Server. I am personally interested in a way of how to do this using CLI only. It looks easy however there is one odd settings you should be aware of. To start with, it will be PPTP VPN server, but as far as I know this KeeneticOS can set up also OpenVPN and possibly WireGuard, but as always PPTP is the easiest to configure. Start with logging into the box. It might sound obvious, but there are plenty of hardware which requires now unsuported algorithms and ciphers:

ssh  -o "HostKeyAlgorithms=+ssh-dss" admin@x.x.x.x -o"KexAlgorithms=+diffie-hellman-group1-sha1" -c aes256-ctr

Fortunately you can pass options to ssh client for HostKeyAlgorithms, KexAlgorithms and also ciphers (-c argument). This allows you to enter the box. Next:

mtu 1400
system configuration save
service vpn-server
vpn-server interface YOURINTERFACE
vpn-server pool-range x.x.x.x y

Now we are close, but one odd thing:

no isolate-private
system configuration save
copy running-config startup-config

A word of explanation here. We just set up server on a interface with given pool-range which is client IP range while connecting to the VPN. We connect using username and password which is also used to access the box via SSH. Service command enables VPN server or any particular service you work on. Last thing is to disable network isolation, and we do this by specifying “no” before isolate-private. In the end we save configuration and copy current configuration into defaults. We are done here.

WordPress Appliance - Powered by TurnKey Linux