CentOS 5.5: Setting Up a VPN Server (Based on PPTP) in an AWS Environment

Source: Internet
Author: User

A Virtual Private Network (VPN) is a technology for establishing a private network on top of a public network. It is called a virtual network mainly because the connection between any two nodes of the VPN does not have the end-to-end physical link required by a traditional private network. Instead, it is a logical network built on the network platform provided by a public network service provider, such as the Internet, ATM (Asynchronous Transfer Mode), or Frame Relay, and user data is transmitted over logical links. It covers extensions of private networks that encapsulate, encrypt, and authenticate links across shared or public networks. VPNs mainly use tunneling, encryption and decryption, key management, and user and device identity authentication technologies.

VPN is a remote access technology. In short, it uses a public network link to establish a private network. For example, an employee on a business trip wants to access server resources on the Intranet. Such access is remote access. How can we allow off-site employees to access Intranet resources? The VPN solution is to set up a VPN Server in the Intranet. The VPN Server has two NICs, one connected to the Intranet and the other connected to the Internet. After off-site employees connect to the Internet, they can find the VPN Server through the Internet and then use it as a stepping stone to enter the Intranet of the enterprise. To ensure data security, the communication data between the VPN Server and the client is encrypted. With data encryption, you can think of the data as being transmitted securely on a dedicated data link, just like a dedicated network. However, the VPN actually runs over a public link on the Internet, so it can only be called a virtual private network. That is, VPN uses encryption technology to encapsulate a data communication tunnel on the Internet. With VPN technology, users can conveniently access Intranet resources over the Internet, whether on a business trip or at home, which is why VPN is widely used in enterprises.

1. Install PPP and iptables

PPTP installation requires the PPP and iptables software. Here, yum is used for installation.

Enter this command:

yum install -y ppp iptables

Generally, PPP is installed by default in CentOS.

2. Install PPTP

Installation packages: http://poptop.sourceforge.net/yum/stable/packages/

Select the latest one:

wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.x86_64.rpm

If wget is not available, run yum install -y wget first.

rpm -ivh pptpd-1.3.4-2.rhel5.x86_64.rpm


3. Configure PPTP

vi /etc/ppp/options.pptpd

Edit the ms-dns entries; the rest does not need to be modified.

ms-dns 208.67.222.222
ms-dns 208.67.220.220

The last two lines are the DNS server addresses. OpenDNS is used here. You can also use the DNS of the hosting service provider. After editing, save and exit.

For OpenDNS, see http://baike.baidu.com/view/755405.htm


Enter vi /etc/pptpd.conf to start editing, and enter the following content:

option /etc/ppp/options.pptpd
logwtmp
localip 192.168.8.1
remoteip 192.168.8.2-40

The last two lines are the IP address allocation for the VPN. If you are not familiar with it, do not change it. After editing, save and exit.

The configuration here needs to refer to the configuration of this server:

/sbin/ifconfig

inet addr:192.168.8.2  Bcast:192.168.8.255


Enter vi /etc/ppp/chap-secrets to start editing, and enter the following content:

username1 pptpd password1 *
username2 pptpd password2 *
username3 pptpd password3 *

This file configures the login users and passwords of the VPN, one per line. After editing, save and exit.

Enter vi /etc/sysctl.conf to start editing. Unlike the preceding files, this one already contains content.

Find

net.ipv4.ip_forward = 0

Change it to

net.ipv4.ip_forward = 1

Save and exit, and then execute the command sysctl -p.

At this point, PPTP is basically configured. Enter service pptpd start to start it.

Configure iptables. First, enter service iptables start to start it.

Then, enter the following four commands. Remember to press Enter after each one:

iptables -A INPUT -p tcp --dport 1723 -j ACCEPT

iptables -A INPUT -p tcp --dport 47 -j ACCEPT

iptables -A INPUT -p gre -j ACCEPT

iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -o eth0 -j MASQUERADE

Enter /etc/init.d/iptables save to save, and enter /etc/init.d/iptables restart to restart.

If you want the VPN service to start automatically when the server starts, you also need to enter these two commands: chkconfig pptpd on and chkconfig iptables on.

Restart PPTP: service pptpd restart
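
A post-setup check for the files edited in step 3, added here as an example and not part of the original article: it flags a localip that falls inside the remoteip pool, a chap-secrets file accessible beyond its owner, IP forwarding left off, and missing require-mschap-v2 / require-mppe-128 lines. The function names are made up for this example, and the two option names assume the packaged options.pptpd enables them by default.

```shell
#!/bin/bash
# Added example, not from the original article. Paths are arguments so copies can be audited.

# True if FILE ($1) has an active, uncommented line matching the regex in $2.
has_line() { grep -Eq "^[[:space:]]*$2[[:space:]]*(#.*)?$" "$1"; }

# True if address $1 is covered by a pptpd.conf list like "192.168.8.2-40,192.168.8.50".
addr_in_list() {
    a_net=${1%.*}; a_host=${1##*.}
    for item in $(printf '%s' "$2" | tr ',' ' '); do
        range=${item##*.}                 # "2-40" or "50"
        lo=${range%-*}; hi=${range#*-}    # equal when there is no "-"
        if [ "${item%.*}" = "$a_net" ] && [ "$a_host" -ge "$lo" ] &&
           [ "$a_host" -le "$hi" ]; then
            return 0
        fi
    done
    return 1
}

# Print one line per finding; the return status is the number of findings.
audit_pptp() {
    conf=$1; opts=$2; secrets=$3; sysctl=$4; n=0
    localip=$(awk '$1 == "localip" {print $2}' "$conf")
    remoteip=$(awk '$1 == "remoteip" {print $2}' "$conf")
    if addr_in_list "$localip" "$remoteip"; then
        echo "pptpd.conf: localip $localip is inside remoteip $remoteip"; n=$((n+1))
    fi
    # Assumed package defaults that "the rest does not need to be modified" relies on.
    for opt in require-mschap-v2 require-mppe-128; do
        if ! has_line "$opts" "$opt"; then
            echo "options.pptpd: $opt is not active"; n=$((n+1))
        fi
    done
    # chap-secrets stores passwords in cleartext: owner-only access.
    case $(stat -c %a "$secrets" 2>/dev/null) in
        *00|0) ;;
        *) echo "chap-secrets: accessible by group or other"; n=$((n+1)) ;;
    esac
    if ! has_line "$sysctl" 'net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1'; then
        echo "sysctl.conf: net.ipv4.ip_forward is not set to 1"; n=$((n+1))
    fi
    return "$n"
}

# Run against the live files only when asked to: ./audit.sh run
if [ "${1:-}" = "run" ]; then
    audit_pptp /etc/pptpd.conf /etc/ppp/options.pptpd /etc/ppp/chap-secrets /etc/sysctl.conf
fi
```

addr_in_list can also be given the address that /sbin/ifconfig reports for the server's own interface, to confirm the remoteip pool does not hand that address to a client.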

Reference http://www.linuxidc.com/Linux/2011-06/37430.htm

