Centos 6.x configure VPN

Source: Internet
Author: User
Tags windows visual vps

VPN stands for "Virtual Private Network". As the name suggests, a virtual private network can be regarded as an enterprise's internal private line. Using special encrypted communication protocols, it establishes a dedicated communication line between two or more enterprise intranets that are connected to the Internet in different places. It is like setting up a leased line, but without laying physical lines such as optical cables. It is also like applying for a leased line from the telecommunications bureau, but with no need to pay for laying the line or to purchase a router or other hardware equipment. VPN technology was originally one of the most important technologies of routers. Currently, VPN functions are also supported in vswitches, firewall devices, Windows, and other software. The core of a VPN is to use a public network to establish a virtual private network.

A Virtual Private Network (VPN) is defined as a temporary and secure connection through a public network (usually the Internet). It is a secure and stable tunnel through a chaotic public network, and an extension of the enterprise intranet. A VPN can help remote users, company branches, business partners and suppliers establish trusted and secure connections with the company's intranet and ensure secure data transmission. It can give the growing number of mobile users secure connections over the global Internet, it can implement virtual private lines for secure communication between enterprise sites, and it can connect business partners and users economically and effectively through a secure extranet virtual private network.

PPTP stands for Point-to-Point Tunneling Protocol, which is one of the VPN protocols.

First check whether the server supports the required features. If the checks below show that they are not supported, pptp cannot be installed.
Run the command:

$ modprobe ppp-compress-18 && echo OK

If "OK" is printed, the command succeeded. However, another check is required. Enter the following command:

$ cat /dev/net/tun

If the result of this command is the following text, it indicates that the check passed:

cat: /dev/net/tun: File descriptor in bad state

You can install pptp only after both of the preceding checks pass. Otherwise, you can only consider openvpn, or ask the technical support of your VPS provider to enable the TUN/TAP/PPP function for your VPS. Some VPS control panels appear to provide a button that enables the TUN/TAP/PPP function.

We recommend installing with yum so that dependencies are resolved automatically.
First: Install ppp and iptables
pptpd requires MPPE support in the Linux kernel. This is generally included in a CentOS installation (I did not need to perform this step):

$ yum install -y perl ppp iptables    # iptables and ppp are installed in CentOS by default

Determine whether ppp is available:

$ cat /dev/ppp
cat: /dev/ppp: No such device or address

If the message "No such device or address" is displayed as above, there is nothing to worry about. It indicates that ppp is available and can be configured properly.

If "Permission denied" is displayed instead, ppp is not available (it is disabled), and you can skip the following steps.

Second: Install pptpd. The method used here is to install pptpd directly with yum, so that the matching version is selected automatically.
Add the yum source first:

[root@ ~]$ rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
Retrieving http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
warning: /var/tmp/rpm-tmp.UDo346: Header V3 DSA/SHA1 Signature, key ID 862acc42: NOKEY
Preparing...                ########################################### [100%]
   1:pptp-release           ########################################### [100%]
[root@ ~]$ yum install -y pptpd
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * rpmforge: ftp.riken.jp
poptop-stable                                   | 2.2 kB     00:00
poptop-stable/primary_db                        | 5.5 kB     00:00
pptp-stable                                     | 2.2 kB     00:00
pptp-stable/primary_db                          |  18 kB     00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package pptpd.x86_64 0:1.4.0-1.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================
 Package      Arch        Version          Repository          Size
====================================================================
Installing:
 pptpd        x86_64      1.4.0-1.el6      poptop-stable       74 k

Transaction Summary
====================================================================
Install       1 Package(s)

Total download size: 74 k
Installed size: 174 k
Downloading Packages:
pptpd-1.4.0-1.el6.x86_64.rpm                    |  74 kB     00:00
warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 862acc42: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PPTP
Importing GPG key 0x862ACC42:
 Userid : PPTP Software Signing Key <pptp@city-fan.org>
 Package: pptp-release-4-7.rhel6.noarch (installed)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-PPTP
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
  Installing : pptpd-1.4.0-1.el6.x86_64                         1/1
  Verifying  : pptpd-1.4.0-1.el6.x86_64                         1/1

Installed:
  pptpd.x86_64 0:1.4.0-1.el6

Complete!

Third: After the installation is complete, start the related configuration work.
1. Configuration file /etc/ppp/options.pptpd

$ cp /etc/ppp/options.pptpd /etc/ppp/options.pptpd.bak
$ vi /etc/ppp/options.pptpd
# Note: I recommend adding the following to the original configuration file:
ms-dns 8.8.8.8
ms-dns 8.8.4.4

Note: ms-dns 8.8.8.8 and ms-dns 8.8.4.4 use Google's DNS servers.

2. Configuration file /etc/ppp/chap-secrets

$ cp /etc/ppp/chap-secrets /etc/ppp/chap-secrets.bak
$ vi /etc/ppp/chap-secrets
# The content of chap-secrets is as follows:
# Secrets for authentication using CHAP
# client        server  secret          IP addresses
myusername      pptpd   mypassword      *
# myusername is your VPN account, mypassword is your VPN password, and * indicates any IP address. Remember not to lose this asterisk.
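An added example, not part of the original article: a shell function that audits a chap-secrets file in the format shown above. The 12-character minimum, the finding labels and the accounts alice and bob are assumptions made for the illustration, and fields are assumed to be unquoted.

```sh
#!/bin/sh
# Added example: audit a pppd chap-secrets file (client server secret addresses).
MIN_SECRET_LEN=12   # assumed policy value, not taken from the article

audit_chap_secrets() {   # usage: audit_chap_secrets FILE
    # The file stores passwords in plaintext, so only root should read it.
    mode=$(stat -c '%a' "$1")
    [ "$mode" = "600" ] || echo "PERMS: mode is $mode, expected 600"
    awk -v min="$MIN_SECRET_LEN" '
        NF == 0 || $1 ~ /^#/ { next }          # skip blank lines and comments
        NF < 3 { print "MALFORMED: line " NR; next }
        {
            if (length($3) < min)
                print "WEAK: " $1 " has a secret shorter than " min " characters"
            if ($3 == $1)
                print "WEAK: " $1 " uses the account name as its secret"
            # With only three fields pppd allows no address at all, which is
            # why the asterisk must not be dropped; "*" allows every address.
            if (NF == 3)
                print "NOADDR: " $1 " has no address field and will be refused"
            else if ($4 == "*")
                print "ANYADDR: " $1 " is not pinned to one tunnel address"
        }' "$1"
}

# Constructed sample: the article's entry plus two hypothetical accounts.
write_sample() {
    cat > "$1" <<'EOF'
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
myusername      pptpd   mypassword              *
alice           pptpd   correct-horse-battery   192.168.9.11
bob             pptpd   bob
EOF
}

sample=$(mktemp)
write_sample "$sample"
chmod 644 "$sample"            # deliberately too open, to trigger PERMS
audit_chap_secrets "$sample"
rm -f "$sample"
```

Run against the real file as root with `audit_chap_secrets /etc/ppp/chap-secrets`; an empty result means none of these checks fired.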

3. Configuration file /etc/pptpd.conf

$ cp /etc/pptpd.conf /etc/pptpd.conf.bak
$ vi /etc/pptpd.conf
# Add the following two lines:
localip 192.168.9.10
remoteip 192.168.9.11-20    # the IP address range obtained by VPN clients

4. Configuration file /etc/sysctl.conf

$ vi /etc/sysctl.conf
# Modify the kernel settings to support forwarding:
# change net.ipv4.ip_forward = 0 to net.ipv4.ip_forward = 1
# Save the modified file, then make it take effect:
$ /sbin/sysctl -p

Fourth: Start the pptp VPN service

$ /sbin/service pptpd start    # or: service pptpd start
Shutting down pptpd: [OK]
Starting pptpd: [OK]
# Set automatic start
$ chkconfig pptpd --list    # check whether pptpd starts automatically
pptpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
$ chkconfig pptpd on        # enable automatic startup
$ chkconfig pptpd --list    # confirm that runlevels 2, 3, 4 and 5 are on
pptpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Fifth: Configure and start iptables

$ vi /bin/iptables.sh
# Note: I have defined the rules in iptables.sh here. You can also execute the following statements directly:
# ---------- For VPN Setting ----------
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.9.0/24 -o em1 -j MASQUERADE
# Notes:
# 1. If your Internet-facing NIC is eth0 rather than em1, change the option to -o eth0. You can run ifconfig to confirm the interface name.
# 2. In this command, "192.168.9.0/24" is set according to the "localip" network segment in the preceding configuration file.
# Note: pptp uses TCP port 1723 together with GRE (Generic Routing Encapsulation) packets; the last rule sets the VPN network segment and the interface through which its packets are sent to the outside.
$ /sbin/service iptables restart    # or: service iptables restart
iptables: Flushing firewall rules: [OK]
iptables: Setting chains to policy ACCEPT: filter [OK]
iptables: Unloading modules: [OK]
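An added example, not part of the original article: a shell check that the source network of the MASQUERADE rule covers the localip and remoteip addresses from /etc/pptpd.conf, which is the relationship note 2 above describes. The function names and the sample file are hypothetical, and only single addresses and last-octet ranges such as 192.168.9.11-20 are parsed.

```sh
#!/bin/sh
# Added example: confirm that the MASQUERADE source network covers the
# localip/remoteip addresses configured in pptpd.conf.

ip2int() {   # dotted quad -> integer
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_cidr() {  # in_cidr IP NET/PREFIX: succeeds if IP lies inside the network
    mask=$(( (4294967295 << (32 - ${2#*/})) & 4294967295 ))
    [ $(( $(ip2int "$1") & $mask )) -eq $(( $(ip2int "${2%/*}") & $mask )) ]
}

# Handles the two forms used in the article: a single address and a
# last-octet range such as 192.168.9.11-20 (comma lists are not handled).
check_nat_scope() {   # check_nat_scope PPTPD_CONF CIDR
    awk '$1 == "localip" || $1 == "remoteip" { print $2 }' "$1" |
    while read -r spec; do
        case $spec in
            *-*) ends="${spec%-*} ${spec%.*}.${spec#*-}" ;;   # both range ends
            *)   ends=$spec ;;
        esac
        for ip in $ends; do
            in_cidr "$ip" "$2" || echo "OUTSIDE: $ip is not covered by $2"
        done
    done
}

# Constructed sample holding the two lines the article adds to pptpd.conf.
write_sample_conf() {
    printf '%s\n' '# constructed sample' 'localip 192.168.9.10' \
        'remoteip 192.168.9.11-20' > "$1"
}

conf=$(mktemp)
write_sample_conf "$conf"
check_nat_scope "$conf" 192.168.9.0/24    # matches the article's rule: silent
check_nat_scope "$conf" 192.168.9.0/28    # too narrow: 192.168.9.20 is outside
rm -f "$conf"
```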

Next, you can set up the VPN connection on your local machine. You can search for the specific settings on the Internet; with the Windows graphical interface it is very simple.

References:

http://www.dabu.info/centos6-4-structures-pptp-vpn.html

http://www.vixual.net/blog/archives/32

http://zyan.cc/pptp_vpn/
