Dedicated path: Remote LAN Access in Linux

This article introduces a method to build a dial-up server using two serial ports of a Linux server. remote users can connect to the LAN through dialing to facilitate information transfer and resource sharing. The configuration environment of the author is RedHat8.0Linux operating system. the required hardware includes two external Modem (connected to COM1 and COM2 respectively. This article introduces a method to build a dial-up server using two serial ports of the Linux server, remote users can connect to the LAN through dialing to facilitate information transmission and resource sharing.

The configuration environment for the author is the Red Hat 8.0 Linux operating system, the required hardware includes two external Modem (connected to the COM1 and COM2 ports respectively) and two telephone lines. The implementation steps are as follows:

1. initialize a serial device

Add the following two lines to the/etc/inittab file to Initialize two serial devices: ttyS0 and ttyS1:

S0: 345: respawn:/sbin/mgetty-D-X 3 ttyS0

S1: 345: respawn:/sbin/mgetty-D-X 3 ttyS1

Then, run the "/sbin/init q" command to make the change take effect.

2. specify the authentication method

Create the ppplogin file in the/etc/PPP Directory. the content is as follows:

#! /Bin/sh

/Usr/sbin/pppd auth-chap + pap login

This file specifies that the user uses PAP authentication for logon. PAP and CHAP are two authentication protocols for the PPP service.

After saving the file, set the execution permission for the file:

# Chmod a + x/etc/ppp/ppplogin

Then, change the/etc/mgetty + sendfax/login. config file, remove the comment in front of "/AutoPPP/", and change it to the following content:

/AutoPPP/--/etc/PPP/ppplogin

3. modify the options file

Modify the/etc/PPP/Options file as follows;

Detach

Modem

Lock

Crtscts

Asyncmap 0

Netmask 255.255.255.0

Proxyarp

Ms-dns 192.168.11.1

The "detach" option is very important. If this option is not specified, the dial-up program will enter the background, so that the Shell script exits, followed by the serial line being hung up, resulting in connection suspension. "Detach" prevents tty devices from being controlled by PPPD.

The "Modem" option enables PPPD to monitor the DTR lead and check whether the peer is offline.

The "Lock" option specifies that UUCP-style locking is used on the serial device.

The crtscts option is used to enable the hardware handshake signal.

Asyncmap 0 sets asynchronous character Ing. this ing specifies that control characters cannot be directly sent through connections and must be escaped first.

"Netmask 255.255.255.0" sets the network mask of the PPP network interface.

The "proxyarp" option enables the ARP proxy function.

"Ms-dns" 201711.1 "specifies the DNS server address in the LAN. if not, it can be set.

4. assign an IP address to the dial-in user

Create/etc/ppp/Options. ttyS0 and/etc/ppp/

Options. ttyS1:

# Vi options. ttyS0

192.168.11.3: 192.168.11.242

# Vi options. ttys1

192.168.11.3: 192.168.11.243

"192.168.11.3" is the IP address of the Linux machine used as the dial-up server. "192.168.11.242" and "192.168.11.243" are the IP addresses assigned to the COM1 port and COM2 port respectively.

5. Password verification

Edit the/etc/PPP/pap-secrets file as follows:

** "Secret" 192.168.11.242

** "Password" 192.168.11.243

As shown above, each line of code contains four columns, representing the user name, server address, password value, and IP address list respectively. "*" Indicates that it can match any content.

After you dial in, if you need to access other servers in the LAN, you must enable the IP forwarding function:

Echo 1>/proc/sys/net/ipv4/ip_forward

To automatically remove a connection after a period of free time, add the following line to/etc/ppp/options:

Idle 600

In the above code, "600" indicates 600 seconds, that is, 10 minutes.

If the/sbin/mgetty file and the/etc/mgetty + sendfax/login. config file cannot be found in the corresponding directory, install the mgetty package.