
Ubuntu, pptpd and the iPhone

I’ve got a (fake – i.e. OpenVZ) VM with BHost.net and use it as a VPN gateway amongst other things for accessing my home network. This works great with OpenVPN in a site-to-site configuration – I use a port knocking app on my iPhone to open up a port for SSH on the VM, shell in using a cert, and then from there I can access my home network via the site-to-site OpenVPN link. Alternatively if I’m after more than SSH, I knock again, connect via OpenVPN to the VM and then access the internal network across the tunnel.

This works great for PCs/Macs – but it’s no good for my iPhone/iPad which don’t have support for OpenVPN unless you jailbreak. So reluctantly I set up PPTP this evening, and when trying to connect the iPhone was telling me that it “Cannot connect. Contact your system administrator.” or words to that effect. On the server I was seeing this error logged in /var/log/messages:

Jan 6 23:00:51 orbit pppd[9820]: Using interface ppp0
Jan 6 23:00:51 orbit pppd[9820]: Connect: ppp0 <--> /dev/pts/1
Jan 6 23:00:51 orbit pppd[9820]: LCP terminated by peer (MPPE required but peer negotiation failed)
Jan 6 23:00:51 orbit pppd[9820]: Hangup (SIGHUP)
Jan 6 23:00:51 orbit pppd[9820]: Modem hangup
Jan 6 23:00:51 orbit pppd[9820]: Connection terminated.

A quick bit of Googling and I worked out that you had to have both of these lines in your /etc/ppp/pptpd-options file:

require-mschap-v2
require-mppe-128

(128-bit encryption requires MS-CHAPv2…)

Et voilà!
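A check for the condition described above, as an added example that is not part of the original post: it reports which of the two directives is missing from an options file (a commented-out line does not count) and counts the MPPE failure message in a log. The function names and the sample files it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the sample
# files built below are constructed for illustration.

# Succeed if directive $2 is active in options file $1.
# Commented-out directives ("#require-mppe-128") do not count.
has_option() {
    sed 's/#.*//' "$1" | awk -v opt="$2" '$1 == opt { found = 1 } END { exit !found }'
}

# Print "ok", or "missing: <directives>" and return 1.
check_pptpd_options() {
    missing=""
    for opt in require-mschap-v2 require-mppe-128; do
        has_option "$1" "$opt" || missing="$missing $opt"
    done
    if [ -z "$missing" ]; then echo "ok"; return 0; fi
    echo "missing:$missing"
    return 1
}

# Count pppd log lines carrying the failure message quoted in the post.
count_mppe_failures() {
    grep -c 'MPPE required but peer negotiation failed' "$1" || true
}

# Constructed sample input: one directive commented out, one active.
demo_dir=$(mktemp -d)
printf '%s\n' 'name pptpd' '#require-mschap-v2' 'require-mppe-128' > "$demo_dir/broken"
printf '%s\n' 'name pptpd' 'require-mschap-v2' 'require-mppe-128  # 128-bit' > "$demo_dir/fixed"
printf '%s\n' \
    'Jan 6 23:00:51 orbit pppd[9820]: Using interface ppp0' \
    'Jan 6 23:00:51 orbit pppd[9820]: LCP terminated by peer (MPPE required but peer negotiation failed)' \
    > "$demo_dir/messages"

echo "broken: $(check_pptpd_options "$demo_dir/broken" || true)"
echo "fixed:  $(check_pptpd_options "$demo_dir/fixed")"
echo "MPPE failures in log: $(count_mppe_failures "$demo_dir/messages")"
```

On a real server the same functions can be pointed at /etc/ppp/pptpd-options and /var/log/messages.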
