Configure VPN in Linux

Source: Internet
Author: User
1. Check whether the server has the necessary support. If the checks show that these features are not supported, pptp cannot be installed. Run the following command:
# modprobe ppp-compress-18 && echo ok
If "ok" is displayed after the command runs, this check has passed. However, one more check is required. Enter the command:
# cat /dev/net/tun
If the command prints the following text, this check has also passed:
cat: /dev/net/tun: File descriptor in bad state
You can install pptp only after both of the preceding checks pass. Otherwise, you can only consider openvpn, or ask your service provider to solve the problem.
2. Install ppp and iptables (iptables is optional). A complete CentOS installation includes these two components by default, but a lite version of the system may not. Run the following command to make sure they are installed. If they are already installed, the system will not perform any operations:
# yum install -y ppp iptables
3. Install pptp. This software is not available in the yum source, so we need to download it manually. First switch to the tmp directory:
# cd /tmp
Run the following command to download the pptp installation package:
# wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpm (for 32-bit systems)
# wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.x86_64.rpm (for 64-bit systems)
If your CentOS is 32-bit, run the 32-bit command. If it is 64-bit, run the 64-bit command.
Next, install pptp. Again, the command differs between 32-bit and 64-bit systems:
# rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm (for 32-bit systems)
# rpm -ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm (for 64-bit systems)
4. Configure pptp. First, edit the /etc/pptpd.conf file:
# vim /etc/pptpd.conf
Locate the "localip" and "remoteip" configuration items, remove the leading ";" comment marker, and change the values to the IP segment you want. localip is the IP address of the server, and remoteip is the IP address assigned to clients, which can be set as a range. Here we use the default pptp configuration:
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
Note that the IP segment set here directly affects the command used later to add the iptables rule, so make sure the two match. If that is too much trouble, we recommend using the configuration in this article so that you can copy the commands and text directly.
Next, edit the /etc/ppp/options.pptpd file and add Google DNS for the VPN:
# vim /etc/ppp/options.pptpd
Add the following two lines at the end:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
5. Set the pptp VPN account and password. We need to edit the /etc/ppp/chap-secrets file:
# vim /etc/ppp/chap-secrets
In this file, write each account in the form "user name pptpd password *", one account and password per line. For example, to add the user name test with the password 1234, add the following line:
test pptpd 1234 *
6. Modify the kernel settings to support forwarding. Edit the /etc/sysctl.conf file:
# vim /etc/sysctl.conf
Change the value of "net.ipv4.ip_forward" to 1, so that the line reads as follows:
net.ipv4.ip_forward = 1
Save and exit, then run the following command for the change to take effect:
# sysctl -p
7. Add the iptables forwarding rule. After the previous six steps, we can dial in to the VPN, but we cannot access any web page. The remaining task is to add an iptables forwarding rule. Enter the following command:
# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
Note that "192.168.0.0/24" in this command must be changed according to the "localip" network segment in the earlier configuration file. For example, if you set the "10.0.0.1" network segment, change it to "10.0.0.0/24". Also pay attention to eth0: if your Internet-facing NIC is not eth0 but eth1 (as on SoftLayer servers, for example), remember to change eth0 to the corresponding NIC ID. Otherwise, the network cannot be accessed.
Then enter the following command so that iptables saves the forwarding rule we just added and you do not need to add it again after restarting the system:
# /etc/init.d/iptables save
Restart iptables:
# /etc/init.d/iptables restart
8. Restart the pptp service. Enter the following command to restart pptp:
# /etc/init.d/pptpd restart
Now you can connect to your VPN and browse the web. However, one final step remains.
9. Set the services to start automatically at boot. The last step is to set pptp and iptables to run automatically at startup, so that you do not need to start them manually every time the server restarts. You can skip this step if you do not need the services to start automatically. Enter the commands:
# chkconfig pptpd on
# chkconfig iptables on
You can now quickly create a VPN connection under Windows. Fill in your server IP address and the user name and password you set, click "Connect", and you can then use the server to browse the web.
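Steps 4 and 7 must agree on the client network segment, otherwise connected clients cannot reach the network. The following is an added example, not part of the original article or of pptpd: it reads localip and remoteip from a pptpd.conf file, checks that they share a /24, and prints the matching MASQUERADE rule for review instead of applying it. The function names and the /24 assumption belong to this example only.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, not part of pptpd.

# Print the value of the last active (uncommented) "KEY value" line.
conf_value() {  # usage: conf_value FILE KEY
  awk -v k="$2" '$1 == k { v = $2 } END { if (v != "") print v }' "$1"
}

# Print the /24 network containing a dotted-quad address.
net24() {  # usage: net24 IP
  local IFS=.
  set -- $1
  [ $# -eq 4 ] || return 1
  echo "$1.$2.$3.0/24"
}

# Succeed only if every comma-separated remoteip entry is inside NET24.
remoteip_matches() {  # usage: remoteip_matches REMOTEIP NET24
  local prefix entry IFS=,
  prefix=${2%.0/24}
  [ -n "$1" ] || return 1
  for entry in $1; do
    case $entry in
      "$prefix".*) ;;
      *) return 1 ;;
    esac
  done
}

# Print the step 7 rule for the segment configured in step 4.
masq_rule() {  # usage: masq_rule FILE IFACE
  local lip rip net
  lip=$(conf_value "$1" localip)
  rip=$(conf_value "$1" remoteip)
  net=$(net24 "$lip") || { echo "no usable localip in $1" >&2; return 1; }
  remoteip_matches "$rip" "$net" ||
    { echo "remoteip $rip is outside $net" >&2; return 1; }
  echo "iptables -t nat -A POSTROUTING -s $net -o $2 -j MASQUERADE"
}

# Constructed sample config using this article's values.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
printf '%s\n' ';localip 10.0.0.1' 'localip 192.168.0.1' \
  'remoteip 192.168.0.234-238,192.168.0.245' > "$sample"
masq_rule "$sample" eth0
```

On a real server, call it with the live file and your Internet-facing NIC, for example `masq_rule /etc/pptpd.conf eth1`.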