Brief introduction of the VPN server configuration method under Linux operating system

Virtual Private Network (VPN)

Virtual private networks are connected to a geographically different local network by means of the public network Internet, which is like local access. Because VPNs encrypt data as they transmit data, the security is high even though the data is transmitted over a public network. In the past few years with the VPN function of the hardware equipment is very happy to sell, some firewall manufacturers also take its VPN function as a selling point. Here we are not concerned about hardware VPN, only the VPN under Linux.

1. Install VPN Package

Need dkms-2.0.10-2.fc5.noarch.rpm, kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm, ppp-2.4.3-9.2.i586.rpm and pptpd-1.3.1-0.i386.rpm these RPM packages. Then execute command # RPM–IVH dkms-2.0.10-2.fc5.noarch.rpm respectively; RPM–IVH kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm; RPM–IVH ppp-2.4.3-9.2.i586.rpm; RPM–IVH pptpd-1.3.1-0.i386.rpm complete the installation.

2. Configure VPN Service

There are two files that need to be modified: the Master profile/etc/pptpd.conf and the VPN user account file/etc/ppp/chap-sescrets. The primary configuration file needs to set the VPN server's local address and the address segment assigned to the client, so just manually appending the localip and REMOTEIP two lines in the main configuration file even if the configuration task is complete. The account file holds the authentication information required by the VPN client dial-in, in the form of:

User Name service password assigned to user's password

Where the user name, password, assigned to the user's IP address to enclose in double quotes, "service" is generally pptpd. As a reference, here is an example of pptpd.conf and Chap-secrets:

# more/etc/pptpd.conf

Localip 192.168.1.254 (server IP)

Remoteip 192.168.1.230-240 (address pool assigned to client)

# more/etc/ppp/chap-screts

"Guoxing" (username) pptpd "guoxing" (password) "*" (IP from address pool)

"Public" pptpd "WGZX" "192.168.1.202" (You can specify the IP assigned to the client)

3, the Client configuration

Using the Windows Network Connection Wizard, simply select "Connect to private network via Ineternet (V)" To configure the completion step by step. Note: The IP of the VPN server is to fill in the globally unique unicast address, that is, the eth0 address of the gateway server.

4. Enable VPN service

Before enabling VPN, verify that the kernel's IP forwarding function is turned on, and then execute Command # Service PPTPD start to enable VPN waiting for remote user access.

PS: At first it was the four packages needed to download the VPN from the Internet, in the open source community to download, but still not installed, feel strange, and then from another channel to get the four software packages, found that the file than the open source community to provide a lot of, and finally installed, so do not superstitious fame. In addition to set the VPN server address is a local address, equivalent to eth0 address, connect intranet, and as a client connection, the need to enter the VPN server eth1 address (must be the world's only), this server Linux server also to implement packet forwarding.