Debian uses pptp as a VPN Server

Source: Internet
Author: User
Debian uses pptp as the VPN Server-Linux Enterprise Application-Linux server application information. The following is a detailed description. 1. Since my system version is linux-image-2.6.18-6-686> Linux kernel 2.6.15-rc1, there is no need to manually install mppe and dkms

2. install the pptpd service apt-get install pptpd

3. Edit the/etc/pptpd. conf file.
Debian :~ # Cat/etc/pptpd. conf | grep-v "#"
Ppp/usr/sbin/pppd
Option/etc/ppp/pptpd-options
Logwtmp
Localip 10.0.0.1
Remoteip 10.0.0.2-238

4. Edit the configuration file in/etc/ppp.
Debian :~ # Cat/etc/ppp/pptpd-options | grep-v "#"
Name pptpd
Refuse-pap
Refuse-chap
Refuse-mschap
Require-mschap-v2
Require-mppe-128
Ms-dns 202.106.195.68
Ms-wins 10.0.0.100
Proxyarp
Nodefaultroute
Debug
Dump
Logfile/var/log/pptpd. log
Lock
Nobsdcomp

5. Finally, edit/etc/ppp/chap-secrets to add users and Set passwords.
# Here * indicates that the PPTP Client IP address is not restricted
# Add a user name: vpn password: 123456
Debian :~ # Cat/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# Client server secret IP addresses
Vpn pptpd 123456 *

6. Restart the pptpd service.
Debian :~ #/Etc/init. d/pptpd restart

7. Configure iptable rules (I need to modify the rules based on my own situation. I use ADSL to access the Internet, so it is ppp0)
#! /Bin/bash
########################
Echo "Enable IP Forwarding ...."

Echo 1>/proc/sys/net/ipv4/ip_forward
Echo "Starting Iptables ...."
/Sbin/modprobe iptable_nat
/Sbin/modprobe ip_conntrack
/Sbin/modprobe ip_conntrack_ftp
/Sbin/iptables-F INPUT
/Sbin/iptables-F OUTPUT
/Sbin/iptables-F FORWARD
/Sbin/iptables-F-t nat

/Sbin/iptables-P INPUT ACCEPT
/Sbin/iptables-P OUTPUT ACCEPT
/Sbin/iptables-P FORWARD ACCEPT
/Sbin/iptables-t nat-P OUTPUT ACCEPT
/Sbin/iptables-t nat-P PREROUTING ACCEPT
/Sbin/iptables-t nat-P POSTROUTING ACCEPT

# ---> WEB
/Sbin/iptables-t nat-a prerouting-p tcp-I ppp0? Dport 80-j DNAT? To 192.168.1.1: 80

#? OK
/Sbin/iptables-t nat-a prerouting-s 192.168.0.250-p tcp-m tcp? Dport 80-j REDIRECT? To-ports 3128.
/Sbin/iptables-a forward-s 192.168.0.2/24-j DROP
/Sbin/iptables-t nat-a postrouting-o ppp0-j MASQUERADE

8. Download the configuration file vpn.rar

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.