A inventive: The realization of Linux LAN remote Access _unix Linux

This paper introduces a method of using two serial ports of Linux server to build dial-up server, and remote users can connect to LAN through dial-up, so as to facilitate information transmission and resource sharing.

The author's configuration environment is red Hat 8.0 Linux operating system, the required hardware includes two external modems (respectively connected to the COM1 and COM2 ports) and two telephone lines. The implementation steps are as follows:

1. Initialize serial device

Add the following two lines to the/etc/inittab file to initialize the ttyS0 and ttyS1 two serial devices:

S0:345:respawn:/sbin/mgetty-d-X 3 ttyS0

S1:345:respawn:/sbin/mgetty-d-X 3 ttyS1

Then, run the "/sbin/init Q" command to make the changes take effect.

2. Specify the authentication method

Create a file Ppplogin in the/ETC/PPP directory, which reads as follows:

#!/bin/sh

/USR/SBIN/PPPD Auth-chap +PAP Login

This file specifies that the user is logged in with PAP authentication. PAP and CHAP are two authentication protocols for the PPP service.

After you save the file, set the permissions for the file to execute:

#chmod A+x/etc/ppp/ppplogin

Then, change the/etc/mgetty+sendfax/login.config file, remove the comment before the "/autoppp/" line, and change to the following:

/autoppp/--/etc/ppp/ppplogin

　　

3. Modify Options File

Modify the/etc/ppp/options file for the following content;

Detach

Modem

Lock

Crtscts

Asyncmap 0

Netmask 255.255.255.0

Proxyarp

Ms-dns 192.168.11.1

The "Detach" option is important. If you do not specify this option, the dialer will enter the background, allowing the shell script to exit, followed by the serial line is hung up, causing the connection to abort. "Detach" prevents the TTY device from PPPD control.

The Modem option allows PPPD to monitor the DTR leader to see if the peer has dropped.

The lock option specifies that UUCP-style locks are used on serial devices.

The "crtscts" option opens the hardware handshake signal.

"Asyncmap 0" sets an asynchronous character map that specifies that the control character cannot be sent directly through the connection and needs to be escaped first.

"Netmask 255.255.255.0" sets the network mask for the PPP network interface.

The "proxyarp" option turns on the ARP proxy feature.

"Ms-dns" 2.168.11.1 specifies the DNS server address within the LAN, if not available.

4. Assigning IP to dial-in users

Create/ETC/PPP/OPTIONS.TTYS0 and/etc/ppp/

OPTIONS.TTYS1 two documents, which read as follows:

# Vi OPTIONS.TTYS0

192.168.11.3:192.168.11.242

# Vi Options.ttys1

192.168.11.3:192.168.11.243

where "192.168.11.3" is the IP address of the Linux machine that is used as a dial-up server, "192.168.11.242" and "192.168.11.243" are IP addresses assigned to the COM1 and COM2 dial-in users respectively.

5. Password verification

Edit the file/etc/ppp/pap-secrets, which reads as follows:

* * "Secret" 192.168.11.242

* * "Password" 192.168.11.243

As shown above, each line of code contains four columns, representing the user name, server address, password value, and IP Address list, respectively. "*" indicates that any content can be matched.

After the user dials in, if you need to access other servers in the local area network, you must turn on the IP Forwarding feature:

Echo 1>/proc/sys/net/ipv4/ip_forward

To be free after a period of time automatically Xie  cherry  Ping ?etc/ppp/options add the following line:

Idle 600

In the above code, "600" means 600 seconds, or 10 minutes.

If/sbin/mgetty files and/etc/mgetty+sendfax/login.config files are not found in the appropriate directory, you need to install the Mgetty package.