Configure pptp server on redhat4sp3

Configure pptp server on RedHat4sp3 1. Confirm core version # uname-r2.6.9-34.EL version earlier than 1.6.15 requires patching from http://sourceforge.net/project/showfiles.php? Group_id = 44827 download dkms-2.0.10-1.noarch.rpmkernel_ppp_mppe-1.0.2-3dkms.noarch.rpm to install kernel M

Configure pptp server on RedHat4 sp3

1. Confirm the core version
# Uname-r
2.6.9-34.EL
Patch required for versions earlier than 1.6.15
From http://sourceforge.net/project/showfiles.php? Group_id = 44827
Download dkms-2.0.10-1.noarch.rpm
Kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm installation kernel MPPE (Microsoft Point to Point Encryption, Microsoft Point-to-Point Encryption)
Pptpd-1.3.3-1.rhel4.i386.rpm
Ppp-2.4.3-5.rhel4.i386.rpm installation PPP (Point-to-Point Protocol, Point-to-Point Protocol)
Pptp-1.7.0-1.i386.rpm
Install them
Run the following command to check whether the kernel MPPE patch is successfully installed:
# Modprobe ppp-compress-18
Run the following command to check whether PPP supports MPPE:
# Strings '/usr/sbin/pppd' | grep-I mppe | wc -- lines
If the above command output is "0", it means not supported; If the output is "30" or a larger number, it means support.
Modify configuration file
1. Modify the modules. conf file
Edit the/etc/modules. conf configuration file and add the following content:
Alias char-major-108 ppp_generic
Alias tty-ldisc-3 ppp_async
Alias tty-ldisc-14 ppp_synctty
Alias ppp-compress-18 ppp_mppe
Alias ppp-compress-21 bsd_comp
Alias ppp-compress-24 ppp_deflate
Alias ppp-compress-26 ppp_deflate
Alias net-pf-47 ip_gre
2. Modify the pptpd. conf file
Edit the/etc/pptpd. conf configuration file and add the following content to determine the IP address of the local VPN Server and the IP address range allocated after the client logs on.
Ppp/usr/sbin/pppd
Debug
Option/etc/ppp/options.ppt pd
Localip 192.168.0.254 # IP address of the local VPN Server
Remoteip 192.168.1.1-254 # IP address range allocated by the client
3.modify the options.ppt pd File
Edit the/etc/ppp/options.ppt pd configuration file and replace it with the following content:
Auth
Lock
Debug
Proxyarp
Lock
Name rh9vpn # name of the VPN Server
Multilink
Refuse-pap
Refuse-chap
Refuse-mschap
Refuse-eap
Refuse-mschap-v2
Require-mppe
Ms-wins 192.168.1.2 # enter the IP address of the machine you want to see in the network neighbor.
Ms-dns 192.168.1.2 # DNS server address
Dump
Logfile/var/log/pptpd. log # log storage path
4. Modify the chap-secrets File
Edit the/etc/ppp/chap-secrets configuration file and add the following content:
# Client server secret IP addresses
"Abc1" * "test "*
The four items in the second line of code correspond to the four items in the first line. "Abc1" is the VPN user name of the Client. "server" corresponds to the name of the VPN server, which must be the same as that specified in the/etc/ppp/options.ppt pd file, or set "*" to automatically identify the server. "secret" corresponds to the logon password. "IP addresses" corresponds to the IP address of the client that can be dialed in. If you do not need to set any special restrictions, you can set it.
5. set IP disguised forwarding
Only remote computers connected to the VPN can ping each other after IP disguised Forwarding is configured, so as to achieve sharing like a LAN. Run the following command to set the parameters:
# Echo 1>/proc/sys/net/ipv4/ip_forward
You can put this command in the file/etc/rc. d/rc. local to automatically run this command at startup.
6. Open the firewall port
Open port 1723 and port 47 of the Linux server and enable the GRE protocol.
#/Sbin/iptables-a input-p tcp -- dport 1723-j ACCEPT
#/Sbin/iptables-a input-p tcp -- dport 47-j ACCEPT
#/Sbin/iptables-a input-p gre-j ACCEPT
Now the settings of the Linux Server are complete, and the Windows client is used for testing.
If the Internet machine is required to connect to the machine of other network segments through vpn, use iptable for NAT forwarding.