Build a VPN on CentOS

Source: Internet
Author: User

Linux: CentOS

1. Check that the server has the necessary kernel support. If either check fails, pptp cannot be installed. Command:
modprobe ppp-compress-18 && echo OK
If "OK" is printed, the module loaded successfully. A second check is also required. Enter the following command:
cat /dev/net/tun
If the following message is displayed, the check passes. If it is not supported, you can open a ticket with the VPS vendor to have it enabled; most VPS vendors in the United States can do this:
cat: /dev/net/tun: File descriptor in bad state
VPN (pptp) can be installed only if both of the checks above pass.

2. Prepare the environment
PPTPD requires MPPE support in the Linux kernel, which a CentOS installation generally includes. Install ppp and iptables:
yum install ppp iptables
 
3. Install PPTPD
For 32-bit CentOS, run
wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpm
rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm
For 64-bit CentOS, run
wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.x86_64.rpm
rpm -ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm
The two packages above are rpm packages for the el5 kernel. If el6 is used, run
rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/i386/pptpd-1.4.0-1.el6.i686.rpm
If you want to install it directly from yum, you can run
rpm -Uvh http://poptop.sourceforge.net/yum/stable/pptp-release-current.noarch.rpm
yum search pptpd
If the URLs above are no longer valid, look for the package at http://poptop.sourceforge.net

4. Modify the configuration
Edit the PPTP options file /etc/ppp/options.pptpd and add the following content:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
Edit the configuration file /etc/pptpd.conf and add the following content:
option /etc/ppp/options.pptpd
localip 192.168.254.1
remoteip 192.168.254.100-254
* localip and remoteip define the intranet IP addresses allocated after a client connects to the VPN server. You can change these addresses as needed.
Configure the user authentication file /etc/ppp/chap-secrets as follows:
testuser pptpd testpwd *
* Change testuser and testpwd to the desired VPN login username and password.
Set net.ipv4.ip_forward to 1 in the /etc/sysctl.conf file (if the line does not exist, add a new line in this format):
net.ipv4.ip_forward = 1
At the same time, put a # in front of "net.ipv4.tcp_syncookies = 1" so that it becomes:
# net.ipv4.tcp_syncookies = 1
Save and exit. Run
/sbin/sysctl -p
to make the change take effect.
 
5. Set iptables forwarding
/etc/init.d/iptables start
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.254.0/24 -j MASQUERADE
/etc/init.d/iptables save
/etc/init.d/iptables restart
* Note that 192.168.254.0 above must correspond to the network segment set previously in /etc/pptpd.conf.
 
6. Remove encryption (some VPS do not support encryption)
This step is optional; whether you need it depends mainly on your VPS.
Edit /etc/ppp/options.pptpd (vim /etc/ppp/options.pptpd) and put a # in front of require-mppe-128 (# require-mppe-128), so that the server no longer requires MPPE encryption;
In the client's VPN connection properties, select the optional encryption mode and allow unencrypted passwords.
Restart PPTPD:

7. Set startup
chkconfig pptpd on
chkconfig iptables on

Restart the server; you should then be able to connect and access the Internet normally.
If you cannot connect to the VPN after restarting the server, first check whether port 1723 of the PPTP service on the server is open (make sure the firewall allows this port). If you can connect to the VPN but cannot access the Internet normally, check whether iptables forwarding is working.
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1723 -j ACCEPT
service iptables save
service iptables restart
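
A check of the files this guide edits, added here as an example and not part of the original article: it flags MPPE no longer being required (step 6), the sample testuser account left in chap-secrets, chap-secrets being readable by group or others, and a saved MASQUERADE rule that does not match the localip segment (the note in step 5). The function name audit_pptpd, its alternate-root argument and the sample tree are assumptions of this example; /etc/sysconfig/iptables is the file that "service iptables save" writes on CentOS.

```shell
#!/bin/sh
# Added example, not from the article. Audits the files the guide edits under
# an optional alternate root ($1); the number of findings is left in $findings.
audit_pptpd() {
    root=${1:-}; findings=0
    opts=$root/etc/ppp/options.pptpd
    secrets=$root/etc/ppp/chap-secrets
    conf=$root/etc/pptpd.conf
    rules=$root/etc/sysconfig/iptables   # written by "service iptables save"

    # Step 6: with require-mppe-128 commented out, MPPE is no longer enforced.
    if ! grep -Eq '^[[:space:]]*require-mppe-128' "$opts" 2>/dev/null; then
        echo "FINDING: require-mppe-128 is not active in $opts"
        findings=$((findings + 1))
    fi
    # Step 4: the guide's sample account must be replaced before use.
    if grep -Eq '^[[:space:]]*testuser[[:space:]]' "$secrets" 2>/dev/null; then
        echo "FINDING: sample account testuser is still in $secrets"
        findings=$((findings + 1))
    fi
    # chap-secrets holds plaintext passwords: group/other bits must be empty.
    if [ -e "$secrets" ] && [ "$(ls -ld "$secrets" | cut -c5-10)" != "------" ]; then
        echo "FINDING: $secrets is accessible to group or others"
        findings=$((findings + 1))
    fi
    # Step 5 note: the saved MASQUERADE source must be the localip /24 segment.
    net=$(awk '$1 == "localip" { split($2, o, "."); print o[1] "." o[2] "." o[3] ".0/24"; exit }' "$conf" 2>/dev/null || true)
    if [ -z "$net" ] || ! grep -Eq -- "-s $net .*-j MASQUERADE" "$rules" 2>/dev/null; then
        echo "FINDING: no MASQUERADE rule for ${net:-an unset localip} in $rules"
        findings=$((findings + 1))
    fi
    return 0
}

# Constructed sample tree that follows the guide literally, step 6 included.
demo=$(mktemp -d)
mkdir -p "$demo/etc/ppp" "$demo/etc/sysconfig"
printf '# require-mppe-128\nms-dns 8.8.8.8\n' > "$demo/etc/ppp/options.pptpd"
printf 'testuser pptpd testpwd *\n' > "$demo/etc/ppp/chap-secrets"
chmod 644 "$demo/etc/ppp/chap-secrets"
printf 'localip 192.168.254.1\nremoteip 192.168.254.100-254\n' > "$demo/etc/pptpd.conf"
printf '%s\n' '-A POSTROUTING -s 192.168.254.0/24 -o eth0 -j MASQUERADE' \
    > "$demo/etc/sysconfig/iptables"
audit_pptpd "$demo"    # reports the three findings for MPPE, testuser and mode
rm -rf "$demo"
```

Calling audit_pptpd with no argument audits the live /etc tree; run it as root so that chap-secrets can be read.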
