Setup PPTP server on Linux for iOS devices

After struggling for hours, I finally figured out a way to configure linux PPTP servers for iOS devices (tested on Ubuntu 12.04 LTS on AWS), thanks to the post and a discussion on Apple Support Communities, who suggested adding the following settings in /etc/ppp/options.pptpd at the very bottom of the file.

nopcomp
noaccomp
mtu 1400
mru 1400
default-asyncmap

Compare to configure a server providing L2TP over IPSec, configuring a PPTP server is a lot easier. And here are the basic steps:

1. install pptpd and ppp

   $ sudo apt-get install pptpd ppp
   

2. configure local and remote ip ranges in /etc/pptpd.conf

   option /etc/ppp/pptpd-options
   logwtmp
   localip 192.168.0.1
   remoteip 192.168.0.234-238,192.168.0.245
   

3. and in /etc/ppp/pptpd-options, setup 128-bit MPPE with MS-CHAP v2

   name pptpd
   refuse-eap
   refuse-pap
   refuse-chap
   refuse-mschap
   require-mschap-v2
   require-mppe-128
   ms-dns 8.8.8.8
   ms-dns 8.8.4.4
   proxyarp
   nodefaultroute
   lock
   nobsdcomp
   # for iOS device compatibility
   nopcomp
   noaccomp
   mtu 1400
   mru 1400
   default-asyncmap
   

4. uncomment net.ipv4.ip_forward=1 in /etc/sysctl.conf

   net.ipv4.ip_forward=1
   

5. setup iptables in /etc/rc.local and make it persist even after reboot

   iptables -t nat -A POSTROUTING -j MASQUERADE
   # make it take effect right now
   sysctl -p
   # report no error
   exit 0
   

6. modify the login id and password at /etc/ppp/chap-secrets,

   # client  server  secret      IP addresses
   yourid    *       yourpasswd  *
   

7. and finally, we can create a bash script pptpd-restart containing

   #!/usr/bin/env bash
   service pptpd restart && /etc/rc.local
   netstat -untap | grep pp
   

   and run it

   sudo ./pptpd-restart
   

   if the log shows that pptpd is running, we are done.

Now, you should be able to connect the server from your iPhone or iPad with Maximum Encryption and your id+password.