Deployment of vpn (pptpd) in Centos

Source: Internet
Author: User
Original article: workshop? Ivhpptpd-1.3.4-1.rhel5.1.i386.rpm. Fortunately, this package does not

Original article: http://sery.blog.51cto.com/10037/122108
I. Installation
The most convenient installation of pptpd under centos 5 is to download the rpm package pptpd-1.3.4-1.rhel5.1.i386.rpm, and then directly execute rpm? Ivh pptpd-1.3.4-1.rhel5.1.i386.rpm. Fortunately, this package has no other dependencies, so the installation should be exceptionally smooth. If you use the source code for installation, the version of ppp2.3.4 may be high. you need to delete pppd2.3.4 and then install pppp2.4.3, which is troublesome.

After the rpm Package is installed, several configuration files are automatically generated, the main configuration file/etc/pptpd. conf, option file/etc/ppp/options.ppt pd, account file/etc/ppp/chap-secrets. later, pptpd is configured to modify these files.

II. vpn topology
The vpn access logic has three networks:
1. target network to be accessed. Usually in the internal network where the vpn server is located (the vpn server has two NICs, one is public network and the other is private network)
2. public network of the Vpn.
3. the virtual network formed with the client after the Vpn connection. We recommend that you set up a network separately so that the ip address of the private network (destination network) after the vpn is not used.

Of course, the vpn tunnel network can be the same network segment as the target network, but this is not recommended.

III. vpn server configuration
(1) modify the main configuration file/etc/pptpd. conf. you only need to add the following two lines:
Localip 172.16.195.1
Remoteip 172.16.195.101-200
Localip this line sets a tunnel ip address for the vpn server
Remoteip is the IP address range automatically assigned to the client.

(2) modify the option file/etc/ppp/options.ppt pd. you need to set the dns assigned to the client. Therefore, you only need to remove the comment before ms-dns and change it to the available dns as follows:
Ms-dns 61.135.154.5
Ms-dns 159.226.240.66
To view debugging information conveniently, just remove the comments before the debug line. The comment before Dump is also canceled.

(3) add an account. Add the file/etc/ppp/chap-secrets one by one. one account occupies one row. A row is divided into four columns, which are represented as follows:
Username server name password ip
Pptpd-is used without a limit on the number of characters. if its name is used to modify the content of the name line of the options.ppt pd file using double quotation marks, the password cannot contain double quotation marks. * indicates that ip addresses are randomly assigned by pptpd.

The account and password are in plain text, so you need to set the access permission properly. A set account file is similar to the following items:
"Sery" pptpd "& hds) $ + "*

4. run pptpd. run the command service pptpd start or run/etc/init. d/pptpd to start pptpd. Check the process and system logs to check whether pptpd is normal.
 
V. client configuration (windows ). This should be easy, so there will be no more fees.

6. dial-up logon.
 
During the dialing process, log on to the vpn server to view the log, and you will see the user's connection. The following is a piece of screenshot for your reference:
Dec 19 17:16:01 max-vpn pppd [9833]: Plugin/usr/lib/pptpd/pptpd-logwtmp.so loaded.
Dec 19 17:16:01 max-vpn pppd [9833]: pptpd-logwtmp: $ Version $
Dec 19 17:16:01 max-vpn pppd [9833]: pppd options in effect:
Dec 19 17:16:01 max-vpn pppd [9833]: debug # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [1, 9833]: logfile/etc/ppp/vpn. log # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: dump # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: plugin/usr/lib/pptpd/pptpd-logwtmp.so # (from command line)
Dec 19 17:16:01 max-vpn pppd [9833]: require-mschap-v2 # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: refuse-pap # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [1, 9833]: refuse-chap # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: refuse-mschap # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: name pptpd # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: pptpd-original-ip 200.199.118.72 # (from command line)
Dec 19 17:16:01 max-vpn pppd [9833]: 115200 # (from command line)
Dec 19 17:16:01 max-vpn pppd [9833]: lock # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: local # (from command line)
Dec 19 17:16:01 max-vpn pppd [1, 9833]: novj # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [1, 9833]: novjccomp # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: ipparam 200.199.118.72 # (from command line)
Dec 19 17:16:01 max-vpn pppd [9833]: ms-dns xxx # [dont know how to print value] # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [1, 9833]: proxyarp # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:01 max-vpn pppd [9833]: 172.16.195.1: 172.16.195.101-200 # (from command line)
Dec 19 17:16:02 max-vpn pppd [1, 9833]: nobsdcomp # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:02 max-vpn pppd [9833]: require-mppe-128 # (from/etc/ppp/options.ppt pd)
Dec 19 17:16:02 max-vpn pppd [9833]: pppd 2.4.4 started by root, uid 0
Dec 19 17:16:02 max-vpn pppd [1, 9833]: Using interface ppp0
Dec 19 17:16:02 max-vpn pppd [9833]: Connect: ppp0 <-->/dev/pts/1
Dec 19 17:16:02 max-vpn pptpd [9832]: CTRL: Ignored a set link info packet with real ACCMs!
Dec 19 17:16:02 max-vpn pppd [9833]: Unsupported protocol IPv6 Control Protovol (0x8057) received
Dec 19 17:16:02 max-vpn pppd [9833]: MPPE 128-bit stateless compression enabled
Dec 19 17:16:04 max-vpn pppd [9833]: Cannot determine ethernet address for proxy ARP
Dec 19 17:16:04 max-vpn pppd [9833]: local IP address 172.16.195.1
Dec 19 17:16:04 max-vpn pppd [9833]: remote IP address 172.16.195.101
Dec 19 17:16:04 max-vpn pppd [9833]: pptpd-logwtmp.so ip-up ppp0 sery 200.199.118.72
[Root @ max-vpn ~] #
This log indicates that there is already a connection from 200.199.118.72 to the vpn server. its account is sery and the vpn address assigned to this client machine is 172.16.195.101. on a dial-up machine (windows), view its current network parameters:

C: Userssery> ipconfig/all

Windows IP configuration

Host name ......: sery-sony
Primary DNS suffix ...........:
Node type ......: Hybrid
IP route enabled...
WINS proxy enabled...: no
DNS Suffix search list...: maxthon.net

PPP adapter VPN connection:

Connection to a specific DNS suffix .......:
Description ......: VPN connection
Physical Address .............:
DHCP is enabled... no
Automatic configuration is enabled... yes
IPv4 address ......: 172.16.195.101 (preferred)
Subnet mask ......: 255.255.255.255
Default Gateway ......: 0.0.0.0
DNS server ......: 61.135.154.5
&

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.