CentOS/Ubuntu VPN proxy server configuration tutorial

Source: Internet
Author: User
Tags ticket centos vps iptables vps server firewall

Configure the VPN proxy server in CentOS

I use CentOS 6.4 here. The configuration on other Linux versions is basically the same.

1. Check whether the PPP and TUN devices of the VPS are correctly installed.

 

The code is as follows:

ls /dev/ppp
ls /dev/net/tun
# or
cat /dev/ppp
cat /dev/net/tun

If the message "No such file or directory" or "No such device or address" is displayed, the device is not installed. Generally, you can open a ticket directly with your VPS provider.

2. Install pptp. Since pptp depends on ppp, you need to install ppp first.

The code is as follows:

yum install -y ppp
yum install -y pptp

3. Create the PPP device node

The code is as follows:

mknod /dev/ppp c 108 0

If error 619 occurs during VPN connection, you can also run the command above.

4. Modify /etc/sysctl.conf to enable IPv4 forwarding.
Open the file, find the following content, and modify it.

The code is as follows:

net.ipv4.ip_forward = 1
net.ipv4.tcp_syncookies = 0

Apply the modification to /etc/sysctl.conf (optional)

The code is as follows:

sysctl -p

Or execute

The code is as follows:

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/tcp_syncookies

5. Modify the /etc/pptpd.conf file and set the VPN IP addresses. Write:

The code is as follows:

localip XXX.XXX.XXX.XXX
remoteip XXX.XXX.XXX.XXX-XXX

localip is the local IP address, that is, the address of this server.
remoteip is the range of IP addresses allocated to remote hosts. It is usually set to a contiguous IP range.

6. Modify the /etc/ppp/options.pptpd file and set the DNS servers.

The code is as follows:

ms-dns 8.8.8.8
ms-dns 8.8.4.4

7. Edit /etc/ppp/chap-secrets and configure the VPN connection user.
Format:

The code is as follows:

username pptpd password *

username: the user name
password: the password

Or execute

echo "username pptpd password *" > /etc/ppp/chap-secrets

8. Modify the iptables settings and enable the firewall

The code is as follows:

iptables -A FORWARD -s XXX.XXX.XXX.XXX/XX -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356

# Save
service iptables save

XXX.XXX.XXX.XXX/XX is the remote IP address set in step 1.

9. Configure the startup service (optional)

The code is as follows:

chkconfig iptables on
chkconfig pptpd on

10. Start or restart the pptp and iptables services.

The code is as follows:

# service iptables start
# service pptpd start

service iptables restart
service pptpd restart


Configure the VPN proxy server in Ubuntu

The operating system is Ubuntu Server 12.04.3. All operations are performed after sudo su.

1. Check whether the PPP and TUN devices are installed (skip this step on a DigitalOcean VPS)

The code is as follows:

ls /dev/ppp
ls /dev/net/tun
# or
cat /dev/ppp
cat /dev/net/tun

If the system prompts "No such file or directory" or "No such device or address", the device is not installed. Open a ticket.

2. Install pptpd

The code is as follows:

apt-get install pptpd

3. After the installation succeeds, modify the /etc/pptpd.conf file and set the VPN IP addresses. Write:

The code is as follows:

localip XXX.XXX.XXX.XXX
remoteip XXX.XXX.XXX.XXX-XXX
# Reference configuration
# localip 10.0.0.1
# remoteip 10.0.0.100-200

localip is the local IP address, that is, the address of this server.
remoteip is the range of IP addresses allocated to remote hosts. It is usually set to a contiguous IP range.

4. Modify the /etc/ppp/options.pptpd file and set the DNS servers.

The code is as follows:

ms-dns 8.8.8.8
ms-dns 8.8.4.4

5. Edit /etc/ppp/chap-secrets and configure the VPN connection user.
Format:

The code is as follows:

username pptpd password *

username is the user name.
pptpd is the service name, which is generally left at the default value.
password is the password.
* (asterisk) means that connections are allowed from all IP addresses.

6. Enable IP forwarding: modify /etc/sysctl.conf to enable IPv4 forwarding.
Open the file, find the following content, and modify it. If it is not there, add it.

The code is as follows:

# Enable IP forwarding
net.ipv4.ip_forward = 1

# SYN cookies protect against SYN flood attacks (1 enables them, 0 disables them). We recommend that you enable them when multiple users connect.
net.ipv4.tcp_syncookies = 0

Apply the modification to /etc/sysctl.conf (optional)

The code is as follows:

sysctl -p

7. Open the firewall

The code is as follows:

# iptables-save prints the current rule set to standard output
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save

8. Start pptp vpn service

The code is as follows:

service pptpd start
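
The following is an added example, not part of the original tutorial: a read-only audit of the files edited in both the CentOS and Ubuntu procedures above (/etc/ppp/chap-secrets and /etc/sysctl.conf). The function names, the 12-character secret threshold and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: read-only audit of the files this tutorial edits.

# Flag chap-secrets entries that accept any source address (*) or whose
# secret is shorter than 12 characters (the threshold is an assumption).
# Fields: client server secret address; secrets with spaces are not handled.
audit_chap_secrets() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            user = $1; secret = $3; addr = $4
            gsub(/^"|"$/, "", secret)            # strip optional double quotes
            if (addr == "*")         print "any-address " user
            if (length(secret) < 12) print "short-secret " user
        }' "$1"
}

# Exit 0 when the file is readable by group or others. chap-secrets stores
# plaintext passwords, so mode 600 is the expected setting.
secrets_exposed() {
    [ -n "$(find "$1" \( -perm -040 -o -perm -004 \) -print)" ]
}

# Print the last uncommented value of key $2 in sysctl.conf-style file $1.
sysctl_value() {
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
          if (k == key) val = v }
        END { if (val != "") print val }' "$1"
}

audit_pptp() {   # usage: audit_pptp CHAP_SECRETS SYSCTL_CONF
    audit_chap_secrets "$1"
    secrets_exposed "$1" && echo "group-or-world-readable $1"
    [ "$(sysctl_value "$2" net.ipv4.tcp_syncookies)" = "0" ] &&
        echo "syncookies-disabled $2"
    return 0
}

# Constructed sample files (not from the page), written to a temp directory.
tmp=$(mktemp -d)
printf '%s\n' '# client server secret address' 'alice pptpd password *' \
    'bob pptpd "c0rrect-h0rse-battery" 10.0.0.101' > "$tmp/chap-secrets"
chmod 644 "$tmp/chap-secrets"
printf '%s\n' 'net.ipv4.ip_forward = 1' '#net.ipv4.tcp_syncookies = 1' \
    'net.ipv4.tcp_syncookies = 0' > "$tmp/sysctl.conf"
audit_pptp "$tmp/chap-secrets" "$tmp/sysctl.conf"
```

On a configured server, run `audit_pptp /etc/ppp/chap-secrets /etc/sysctl.conf` as root; each output line names one finding.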
