My operating environment: Alibaba Cloud Hong Kong node ECS, operating system: CentOS 6.3 64-bit
Glossary: pptp is one of the VPN server types, PPP is a data link layer protocol, and iptables is an IP packet filtering system.
[Body]
1 Install software on the server
1.1 First install ppp. Command:
[root@kuro ~]# yum install -y ppp iptables
The message "Complete!" is displayed when the installation succeeds.
1.2 Install pptp. Since pptp is not in the CentOS repositories, yum cannot find the package, so you need to download it from the internet. The installation command is as follows:
[root@kuro ~]# rpm -ivh http://xinzhi.so/pptpd-1.3.4-2.el6.x86_64.rpm
Added on February 16: my domain name has expired and the .so link has expired. You can use the pptp attachment uploaded by a friend in the post below.
2 Configure pptp
2.1 Edit /etc/pptpd.conf with the following command:
[root@kuro ~]# vi /etc/pptpd.conf
Change
#localip 192.168.0.1
#remoteip 192.168.0.234-238,192.168.0.245
to
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
That is, remove the leading "#" from the two lines, then save and exit.
(vi command supplement: to find abc, enter ":/abc"; to modify text, press i; to leave insert mode, press Esc; to save and exit, enter ":wq")
2.2 Edit /etc/ppp/options.pptpd with the following command:
[root@kuro ~]# vi /etc/ppp/options.pptpd
Change
#ms-dns 10.0.0.1
#ms-dns 10.0.0.2
to
ms-dns 8.8.8.8
ms-dns 8.8.4.4
That is, remove the leading "#" from the two lines, and then modify the DNS IP addresses.
2.3 Set the username and password for pptp
Command:
[root@kuro ~]# vi /etc/ppp/chap-secrets
The file contains only two lines when first opened, and no account exists.
# Secrets for authentication using CHAP
# client server secret IP addresses
Add one account per line as needed, in the format "username pptpd password IP-address", with the items separated by spaces. For example: kuro pptpd 123456 * (* indicates all IP addresses)
Save and exit.
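The account format above can be checked mechanically. The following shell script is an added example, not part of the original tutorial: it audits a chap-secrets file for the weaknesses the sample line shows (a short, digits-only secret and no address restriction) and for lax file permissions. The function names, the 12-character threshold and the second sample account are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit chap-secrets entries (format: client server secret IP).
# Assumptions: fields are whitespace-separated with no quoted spaces;
# the 12-character minimum is this example's threshold, not a pptpd rule.

audit_entries() {   # $1 = path; prints one finding per line
    awk '
        /^[ \t]*(#|$)/ { next }                     # skip comments and blank lines
        NF < 4 { printf "line %d: expected 4 fields, found %d\n", NR, NF; next }
        {
            # field 4 lists the addresses the client may use on the PPP link
            if ($4 == "*")       printf "%s: no IP address restriction (*)\n", $1
            if (length($3) < 12) printf "%s: secret shorter than 12 characters\n", $1
            if ($3 ~ /^[0-9]+$/) printf "%s: secret is digits only\n", $1
        }
    ' "$1"
}

audit_mode() {      # $1 = path; secrets are stored in cleartext, so expect 0600
    perms=$(ls -ld "$1" | cut -c5-10)               # group and other permission bits
    [ "$perms" = "------" ] || echo "$1: readable or writable by group/other"
}

audit_chap_secrets() {
    audit_mode "$1"
    audit_entries "$1"
}

# Constructed sample: the tutorial's example account plus one constructed entry.
sample=$(mktemp)
chmod 644 "$sample"
cat > "$sample" <<'EOF'
# Secrets for authentication using CHAP
# client server secret IP addresses
kuro pptpd 123456 *
alice pptpd Vq7-rm2LxT9w-eK4 192.168.0.234
EOF

audit_chap_secrets "$sample"
```

On a real server, call audit_chap_secrets /etc/ppp/chap-secrets as root instead of using the sample file.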
3 Modify kernel settings to support forwarding
Command:
[root@kuro ~]# vi /etc/sysctl.conf
Change
net.ipv4.ip_forward = 0
to
net.ipv4.ip_forward = 1
Change
net.ipv4.tcp_syncookies = 1
to
#net.ipv4.tcp_syncookies = 1
Save and exit.
Run the following command to make the modified kernel parameters take effect.
[root@kuro ~]# sysctl -p
4 Add iptables forwarding rules
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
(Note: Alibaba Cloud instances have two NICs, eth0 for the intranet and eth1 for the Internet, so it is particularly easy to write eth0 here by mistake, which is one of the reasons why many messy tutorials cannot be configured successfully.)
After adding the forwarding rule, save the settings and restart iptables.
[root@kuro ~]# /etc/init.d/iptables save
[root@kuro ~]# /etc/init.d/iptables restart
5 Restart the pptp service
[root@kuro ~]# /etc/init.d/pptpd restart
Note that pptp is not running yet, so when you use restart, "Shutting down pptp [FAILED]" is displayed. There is also a warning that can be ignored. If you are not at ease, you can run the above command again and pptp will restart smoothly.
6 Set pptp and iptables to start with the system
[root@kuro ~]# chkconfig pptpd on
[root@kuro ~]# chkconfig iptables on
At this point, the pptp server installation is complete.
In the "Network and Sharing Center" on the PC, set up a new connection or network to access the VPN. S