Build a VPN Server Based on CentOS
I. VPN Server Environment Description
Operating System: CentOS 6.5
VPN-Server local NIC information:
[root@VPN-Server ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:DA:D0:E0
          inet addr:192.168.30.130  Bcast:192.168.30.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feda:d0e0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:61307 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1653 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:7265680 (6.9 MiB)  TX bytes:251494 (245.5 KiB)

eth1      Link encap:Ethernet  HWaddr 00:0C:29:DA:D0:EA
          inet addr:192.168.0.130  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feda:d0ea/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:58620 errors:0 dropped:0 overruns:0 frame:0
          TX packets:61 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6813106 (6.4 MiB)  TX bytes:2834 (2.7 KiB)
Note: On VPN-Server, eth0 connects to the Internet and eth1 connects to the server segment of the intranet.
Server1 local NIC information:
[root@Server1 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:19:3B:FB
          inet addr:192.168.30.131  Bcast:192.168.30.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe19:3bfb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:103208 errors:0 dropped:0 overruns:0 frame:0
          TX packets:311 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:12067350 (11.5 MiB)  TX bytes:30361 (29.6 KiB)

eth1      Link encap:Ethernet  HWaddr 00:0C:29:19:3B:05
          inet addr:192.168.0.131  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe19:3b05/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:102785 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:12031105 (11.4 MiB)  TX bytes:1574 (1.5 KiB)
Purpose:
(1) The VPN client can connect to the VPN server successfully;
(2) The VPN server can forward requests from the VPN client to the CIDR block 192.168.0.0.
II. Install the VPN Server package
1. Check whether the system kernel supports the MPPE patch.
[root@VPN-Server ~]# modprobe ppp-compress-18 && echo success
If the command prints success, the kernel supports the MPPE patch. If not, install kernel-devel first.
[root@VPN-Server ~]# yum install kernel-devel
2. Check whether TUN/TAP support is enabled.
[root@VPN-Server ~]# cat /dev/net/tun
If the command prints the following text, it indicates that TUN/TAP is enabled:
cat: /dev/net/tun: File descriptor in bad state    # on an English-language system
cat: /dev/net/tun: The file descriptor is in the error state    # on a Simplified Chinese system
If not, you need to ask your VPS service provider to enable the TUN/TAP function. Generally, this function is enabled for VPS by default.
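The checks in steps 1 and 2 can be scripted so that they do not depend on the system language. The following is an added example, not part of the original tutorial: it runs the TUN/TAP probe under LC_ALL=C, classifies the error text, and also reports whether the ppp and iptables packages are present. The function names and the state words (enabled, missing, denied, unknown) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original tutorial): pre-flight checks for PPTP.

# Map the first line printed by `cat <tun device>` to a state word.
classify_tun_msg() {
    case "$1" in
        *"File descriptor in bad state"*) echo enabled ;;  # driver answered
        *"No such file or directory"*)    echo missing ;;  # no device node
        *"No such device"*)               echo missing ;;  # node but no driver
        *"Operation not permitted"*|*"Permission denied"*) echo denied ;;
        *) echo unknown ;;
    esac
}

# Probe the TUN node under LC_ALL=C so the message is identical on English
# and Simplified Chinese systems. $1 is the device path (assumed default).
tun_state() {
    msg=$(LC_ALL=C cat "${1:-/dev/net/tun}" 2>&1 </dev/null | head -n 1)
    classify_tun_msg "$msg"
}

# MPPE: same probe as step 1, reported as a word instead of "success".
mppe_state() {
    if modprobe ppp-compress-18 2>/dev/null; then echo supported
    else echo unsupported; fi
}

# Package presence via rpm (CentOS); $1 is the package name.
pkg_state() {
    if rpm -q "$1" >/dev/null 2>&1; then echo installed; else echo absent; fi
}

# Print one line per check; return non-zero if MPPE or TUN/TAP is not ready.
preflight() {
    mppe=$(mppe_state); tun=$(tun_state)
    echo "mppe: $mppe"
    echo "tun/tap: $tun"
    for p in ppp iptables; do echo "$p: $(pkg_state "$p")"; done
    [ "$mppe" = supported ] && [ "$tun" = enabled ]
}

preflight || echo "prerequisites missing: see the lines above"
```

Run it as root on the VPN server, since modprobe needs root privileges to load the module.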
3. Install ppp and iptables. PPTP requires these two packages (by default, CentOS comes with both).
[root@VPN-Server ~]# yum install -y ppp