This is a short tutorial to quickly build an available VPN. This article does not cover the normal use of VPN. this short tutorial is based on the following hardware conditions: a VPS with DebianGNU/Linux5.0 installed. of course, in theory, all * nix systems that can install the pptpd package can be used as hosts. in this tutorial, the installation method is based on Debian.
This is a shortTutorialThe purpose is to quickly build an available VPN. This article does not cover the normal use of VPN.TutorialBased on the following hardware conditions:
A vps with Debian GNU/Linux 5.0 installed.
Of course, theoretically, all * nix systems that can install the pptpd package can be used as hosts,TutorialThe installation method is based on the Debian apt-get Command. for other releases, use the command as needed.
The physical location of this VPS is Fremont, CA.
The physical location as the VPN application itself is not important. here, we propose to do more.
InstallServerEnd Software
# Apt-get install pptpd
Debian package management is the best among all releases, so this command is installed after it is completed.ServerEnd program.
Configure IP address range
Edit/etc/pptpd. conf and add the following address at the end:
Localip 192.168.0.1
Remoteip 192.168.0.234-238,192.168 .0.245
Set the IP address range andServer.
Add a user
Edit/etc/ppp/chap-secrets and add similar entries below:
Username pptpd password *
The asterisk is used to allow connection from any IP address. if you want to set an IP address separately.
Restart pptpd
#/Etc/init. d/pptpd restar
Theoretically, a vpn has been set up. whether you are using Windows, OSX, or iPhone OS, you can establish a pptp link to join the VPN. however, you cannot use this to access the Internet, because all the data is applied to the pptpdServerInstead of passing in the dial-in to the computer device. to connect to the Internet, you need to do the following:
Dns resolution support
Edit:/etc/ppp/options. find the "ms-dns" project in it:
Ms-dns 208.67.222.222
Ms-dns 208.67.220.220
I entered the OpenDNS address. of course, you can also enter the DNS address of China Telecom.
Allowed forwarding
Edit/etc/sysctl. conf and check whether the net. ipv4.ip _ forward parameter is 1.
Net. ipv4.ip _ forward = 1
Finally, run this command to openIptablesForwarding support:
/Sbin/iptables-t nat-a postrouting-s192.168.0.0/24-o eth0-j MASQUERADE
Note: for messages from @ LEMONed, only Xen VPS can be used to build pptp, but OpenVZ cannot.
Reference from @ LEMONed:
In openvz, there is only venet0, no eth0, and most vps are openvz. then, the vast majority of openvzvps do not have masqurade. they can only build openvpn and require self-signed certificates. pptpd cannot be used at all. I used this research thoroughly to build a vpn for the iphone.