System environment: CentOS 5.4 Final
Network card: eth0:98.126.x.x
First check the system of the MPPE, basically CentOS itself have, see OK can continue to proceed, no words to hit a patch, online everywhere.
Modprobe ppp-compress-18 && Echo OK
The CentOS5.4 system itself is installed with a PPP version, which can be used in this version or reinstalled, where I uninstall and reinstall myself.
Rpm-q PPP
Rpm-e Rp-pppoe
RPM-E PPP
Rm-rf/etc/ppp
The required software is as follows:
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-1.rhel5.1.i386.rpm
wget http://poptop.sourceforge.net/yum/stable/packages/ppp-2.4.4-9.0.rhel5.i386.rpm
1. Installation
RPM-IVH pptpd-1.3.4-1.rhel5.1.i386.rpm
RPM-IVH ppp-2.4.4-9.0.rhel5.i386.rpm
2. Set up server Basic configuration
The main configuration file is placed in the
/etc/pptpd.conf
/etc/ppp/options.pptpd
/etc/ppp/chap-secrets
Vi/etc/pptpd.conf
Add the following information at the bottom of the configuration
Localip 192.168.8.1-30
Remoteip 192.168.8.50-80,192.168.8.100-200
(1) Define the IP on the VPN server. (is the IP that the client can communicate with the VPN service, that is, the client may access the VPN server through this address)
(2) define the IP segment of the client. (with-to connect the continuous IP, with half-width commas to separate the IP of the different segments)
Vi/etc/ppp/options.pptpd
Add one line at the end
Ms-dns 4.2.2.2 (You can change to your own common DNS)
vi/etc/ppp/chap-secrets to user rights and assigning IP
Format: User, service password * (wildcard)
# vi/etc/ppp/chap-secrets
The contents are as follows:
# Secrets for authentication using CHAP
# Client Server Secret IP addresses
test01 pptpd 123456 * (automatically obtained)
test02 pptpd 654321 192.168.7.230 (IP specified)
3. Turn on the Linux kernel routing function (to ensure that every boot must run the open Routing function, join vi/etc/rc.local)
echo "1″>/proc/sys/net/ipv4/ip_forward
( confirm the system SELinux whether to close vi/etc/selinux/config, look inside selinux=disabled)
or edit/etc/sysctl.conf to add the following statement:
Net.ipv4.ip_forward = 1
To enable Sysctl to take effect immediately, run the following command:-
Sysctl-p
4. If Iptables is turned on, the following rules are required
Open 1723,47 Port
iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p tcp --dport 47 -j ACCEPT
5. Start and stop VPN services
#/ETC/RC.D/INIT.D/PPTPD Start
#/etc/rc.d/init.d/pptpd Stop off
#/etc/rc.d/init.d/pptpd Restart reboot
To enable the VPN service to start automatically when the system boots, execute:
# Chkconfig PPTPD on
Use NETSTAT-ANL to see if 1723 ports are open on the server
6. This VPN server should be able to start normally, but want to normal use, but also need a command, this command in the network a lot of articles inside is not.
# iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -o eth0 -j SNAT --to 98.126.x.x
(NAT conversion, bindable IP)
&
/sbin/iptables-t nat-i postrouting-s 192.168.8.0/24-j Masquerade
View NAT
Iptables-t nat-l
You may also need to add this route before you can surf the Internet. (two cards used)
IP route add 192.168.0.0/16 via 192.168.8.1
To create a VPN dial-up connection client under Windows :
1, open the network connection, click on the left-hand list inside the "Create a new Connection", click "Next".
2, select "Connect to my Workplace network", click "Next".
3, select "Virtual Private network Connection", click "Next".
4, in the "Company name" input box to enter any name, you like it, click "Next".
5, in the "Host name or IP address" box, enter the domain name or IP address on the VPN server, and then click "Next", click "Finish" to create a complete connection, the Network Connection window inside also has a connection icon.
6, click on the icon, and then open a connected window, and then enter the user name and password just added in/etc/ppp/chap-secrets, then click "Connection", if the configuration is no problem, will be connected, now used IP will display the IP address on the server.
The following are supplementary:
There are a lot of articles about installing VPN in the network, but there is hardly a complete list, and I am configuring it according to other articles. Guaranteed success. The main problem with installing VPNs is the software version and the system environment.
System environment: CentOS 5.2 Linux version 2.6.18-92.el5 (because my system is newer, I do not need to update the build kernel)
Network card: eth0:219.237.***.*** (a piece, two pieces do not matter)
First check the system of MPPE, basically CentOS itself have, see OK can continue to go down, no, to see other people's patched articles, online everywhere.
Modprobe ppp-compress-18 && Echo OK
CentOS5.2 system itself has been installed with the ppp2.4.4.1 version, I uninstall here, all of their own reinstall.
Rpm-q PPP
Rpm-e Rp-pppoe
RPM-E PPP
Rm-rf/etc/ppp
The required software is as follows:
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-1.rhel5.1.i386.rpm
wget http://poptop.sourceforge.net/yum/stable/packages/ppp-2.4.4-9.0.rhel5.i386.rpm
1. Installation
RPM-IVH ppp-2.4.4-9.0.rhel5.i386.rpm
RPM-IVH pptpd-1.3.4-1.rhel5.1.i386.rpm
My system lacks these two things, so install, everybody doesn't matter: yum-y install vim* NTP
2. Set up server Basic configuration
The main configuration file is placed in the
/etc/pptpd.conf
/etc/ppp/options.pptpd
/etc/ppp/chap-secrets
Vi/etc/pptpd.conf
Add the following information at the bottom of the configuration
Localip 192.168.5.10-30,192.168.5.33
Remoteip 192.168.7.225-238,192.168.7.245
(1) Define the IP on the VPN server. (is the IP that the client can communicate with the VPN service, that is, the client may access the VPN server through this address)
(2) define the IP segment of the client
vi/etc/ppp/options.pptpd
Remove the following two parameters "#"
debug \ Turn on debugging. This allows you to see debug results in/var/log/message
dump
or
Logfile/var/log/pptpd.log \ \ Specifies the log file
vi/etc/ppp/chap-secrets give user permissions and assign IP
Format: User, service password * (pass-by)
# vi/etc/ppp/chap-secrets The
content is as follows:
# Secrets for authentication using CHAP
# client Server secret IP addresses
test01 pptpd 123456 * (auto Get)
test02 pptpd 654321 192.168.7.230 (Specify IP)
3. Turn on the Linux kernel routing function (to ensure that every boot must run the open Routing function, join vi/etc/rc.local)
echo "1" >/proc/sys/net/ipv4/ip_forward
(Confirm that the system SELinux is closed. Vi/etc/selinux/config, look inside selinux=disabled)
4. If Iptables is turned on, the following rules are required
Open 1723,47 Port
Iptables-a input-p TCP--dport 1723-j ACCEPT
Iptables-a input-p TCP--dport 47-j ACCEPT
5. Start and stop VPN services
#/ETC/RC.D/INIT.D/PPTPD Start
#/etc/rc.d/init.d/pptpd Stop off
#/etc/rc.d/init.d/pptpd Restart reboot
To enable the VPN service to start automatically when the system boots, execute:
# Chkconfig PPTPD on
Use NETSTAT-ANL to see if 1723 ports are open on the server
6. This VPN server should be able to start normally, but want to normal use, but also need a command, this command in the network a lot of articles inside is not.
# iptables-t nat-a postrouting-s 192.168.7.0/24-o eth0-j SNAT--to 192.168.5.220 (NAT conversion)
&
/sbin/iptables-t nat-i postrouting-s 192.168.7.0/24-j Masquerade
View NAT
Iptables-t nat-l
You may also need to add this route before you can surf the Internet. (two cards used)
IP route add 192.168.0.0/16 via 192.168.5.1
Create a VPN dial-up connection under Windows slightly here.