Catalina and PPTP VPN

Posted on by

Note: for instructions on doing this with Big Sur, go here.

I understand security is an issue with PPTP VPN connections, but mitigation systems I access have routers that still rely on this protocol. Apple’s macOS began leaving PPTP years ago and with Catalina, the purge is complete. Fortunately, Filip Molcik and his readers have tackled this and I’ve modified their instructions here for connecting with SmartFlex routers as described in the following steps:

1. Open Terminal.app and run the following command (you may need to precede these with ‘sudo’):

mkdir /etc/ppp/peers
cd /etc/ppp/peers
sudo pico pptp_config_file

2. Paste in the following text and replace instances of REMOTE_ADDRESS, USERNAME, and PASSWORD with what is required by your PPTP server (also note, this text includes commands to refuse authentication for EAP, CHAP, and MSCHAP, if you’re connecting to a PPTP server different than a SmartFlex router, you may need to put hashtags on these lines):

pty “/usr/local/bin/pptp REMOTE_ADDRESS –nolaunchpppd”
remoteaddress REMOTE_ADDRESS
user USERNAME
password PASSWORD
# require-mppe-128
# logfile /tmp/pptp_vpn_log.txt
## Other settings
noauth
refuse-eap
refuse-chap
refuse-mschap
redialcount 1
redialtimer 5
idle 1800
mru 1436
mtu 1436
receive-all
novj 0:0
ipcp-accept-local
ipcp-accept-remote
hide-password
looplocal
nodetach
ms-dns 8.8.8.8
usepeerdns
debug
defaultroute

3. Download a copy of Filip’s PPTP library built from Debian:

http://filipmolcik.com/releases/pptp/pptp.zip

And save this file in:

/usr/local/bin

4. To establish the PPTP VPN connection, I’ve found you need to keep the command prompt for Terminal.app in the same directory where the config file is saved from step 1, above. If so, make the connection in Terminal.app with this command:

sudo pppd call pptp_config_file

5. I should make a script for this, but I use it so infrequently I may not bother. For now, I disconnect by opening Activity Monitor, searching for PPTP, highlight it, click the “x” button, and choose “Quit”.

After making the connection, pptp surged to using about 90% of the cpu on my macbook12,1, but it has since settled down. Thanks, Filip!

Should these connections require MPPE in the future, we’ll need to replace the downloaded file in Step 3 with this library.

Last note, my MacBook Pro connects and pings the ip address it receives, but it can’t ping anything else on the network. Will hopefully resolve this soon.

Leave a Reply

Your email address will not be published. Required fields are marked *