Configure the VPN proxy server in CentOS
I use CentOS 6.4 Here. The configurations of other linux versions are basically the same.
1. Check whether the PPP and TUN devices of the VPS are correctly installed.
The code is as follows: |
Copy code |
Ls/dev/ppp Ls/dev/net/tun # Or Cat/dev/ppp Cat/dev/net/tun |
If the message "No such file or directory" or "No such device or address" is displayed, it indicates that it is not installed. Generally, you can open a ticket directly to your VPS provider.
2. Install pptp. Since pptp depends on ppp, you need to install ppp first.
The code is as follows: |
Copy code |
Yum install-y ppp Yum install-y pptp |
3. Create a VPN pipe
The code is as follows: |
Copy code |
Mknod/dev/ppp c 108 0 |
If the 619 error occurs during VPN connection, you can also execute the above
4. Modify/etc/sysctl. conf to enable ipv4 forwarding.
Open the file, find the following content, and modify it.
The code is as follows: |
Copy code |
Net. ipv4.ip _ forward = 1 Net. ipv4.tcp _ syncookies = 0 |
Modification to/etc/sysctl. conf (optional)
The code is as follows: |
Copy code |
Sysctl-p |
Or execute
The code is as follows: |
Copy code |
Echo 1>/proc/sys/net/ipv4/ip_forward Echo 0>/proc/sys/net/ipv4/tcp_syncookies |
5. Modify the/etc/pptpd. conf file and set the vpn ip address. Write
The code is as follows: |
Copy code |
Localip XXX. XXX Remoteip XXX.XXX.XXX.XXX-XXX |
Localip is the local IP address, that is, the local IP address.
The remoteip is the IP address allocated to the remote host. It is usually set to a continuous ip segment.
6. Modify the/etc/ppp/options.ppt pd file to complete DNS modification for the VPS server.
The code is as follows: |
Copy code |
Ms-dns 8.8.8.8 Ms-dns 8.8.4.4 |
7. Edit/etc/ppp/chap-secrets and configure the VPN connection user.
Format:
The code is as follows: |
Copy code |
Username pptpd password * Username: User name Password: password Or execute Echo "username pptpd password *">/etc/ppp/chap-secrets |
8. Modify iptables settings and enable firewall
The code is as follows: |
Copy code |
Iptables-a forward-s XXX. XXX/XX-p tcp-m tcp -- tcp-flags FIN, SYN, RST, ack syn-j TCPMSS -- set-mss 1356 # Save Service iptables save |
XXX. XXX/XX is the remote IP address set in step 1.
9. Configure the startup service (optional)
The code is as follows: |
Copy code |
Chkconfig iptables on Chkconfig pptpd on |
10. Start or restart the pptp and iptables services.
The code is as follows: |
Copy code |
# Service iptables start # Service pptpd start Service iptables restart Service pptpd restart |
Configure the VPN proxy server in Ubuntu
The operating system is Ubuntu Server12.04.3. All operations are performed after sudo su.
1. Check whether the PPP device or TUN device is installed (skip DigitalOcean VPS)
The code is as follows: |
Copy code |
Ls/dev/ppp Ls/dev/net/tun # Or Cat/dev/ppp Cat/dev/net/tun |
If the system prompts "No such file or directory" or "No such device or address", it indicates that the system is not installed. Open a ticket
2. Install pptpd
The code is as follows: |
Copy code |
Apt-get install pptpd |
3. After the installation is successful, modify the/etc/pptd. conf file and configure the vpn ip address to write data.
The code is as follows: |
Copy code |
Localip XXX. XXX Remoteip XXX.XXX.XXX.XXX-XXX # Reference configuration # Localip 10.0.0.1 # Remoteip 10.0.0.100-200 |
Localip is the local IP address, that is, the local IP address.
The remoteip is the IP address allocated to the remote host. It is usually set to a continuous ip segment.
4. Modify the/etc/ppp/options.ppt pd file to complete DNS modification for the VPS server.
The code is as follows: |
Copy code |
Ms-dns 8.8.8.8 Ms-dns 8.8.4.4 |
5. Edit/etc/ppp/chap-secrets and configure the VPN connection user.
Format:
The code is as follows: |
Copy code |
Username pptpd password * Username indicates the user name Pptpd indicates the service name, which is generally the default value. Password indicates the password. * Asterisk indicates that all IP addresses can be connected. |
6. Enable IP forwarding, modify/etc/sysctl. conf, and enable ipv4 forwarding.
Open the file, find the following content, and modify it. No. Please add.
# Enable IP forwarding
The code is as follows: |
Copy code |
Net. ipv4.ip _ forward = 1
|
# Enable SYN cookies to prevent SYN flood attacks. We recommend that you enable these cookies when connecting multiple users.
Net. ipv4.tcp _ syncookies = 0
Modification to/etc/sysctl. conf (optional)
The code is as follows: |
Copy code |
Sysctl-p |
7. Open the firewall
The code is as follows: |
Copy code |
Iptables-t nat-a postrouting-o eth0-j MASQUERADE & iptables-save |
8. Start pptp vpn service
The code is as follows: |
Copy code |
Service pptpd start |