Article Title: describes how to configure a VPN Server in a Linux operating system. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
A Virtual Private Network is a local network that uses the internet to connect to different geographical locations. Access between networks is like local access. Because VPN encrypts data during data transmission, although the data is transmitted over the public network, its security is still very high. Over the past few years, hardware devices with VPN functions have been selling well. Some Firewall vendors still use their VPN functions as selling points. Here we do not focus on hardware VPN, but only on VPN in linux.
1. Install the VPN package
Requires dkms-2.0.10-2.fc5.noarch.rpm, kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm, ppp-2.4.3-9.2.i586.rpm and pptpd-1.3.1-0.i386.rpm for these rpm packages. Then run the command # rpm? Ivh dkms-2.0.10-2.fc5.noarch.rpm; rpm? Ivh kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm; rpm? Ivh ppp-2.4.3-9.2.i586.rpm; rpm? Ivh pptpd-1.3.1-0.i386.rpm complete installation.
2. Configure the VPN Service
There are two files to be modified: The Master configuration file/etc/pptpd. conf and the VPN user account file/etc/ppp/chap-sescrets. In the main configuration file, you must set the local address of the VPN Server and the address segment allocated to the client. Therefore, you only need to manually append localip and remoteip in the main configuration file to complete the configuration task. The account file stores the authentication information required for the VPN Client to dial in. The format is:
User name, service password, password assigned to the user
The user name, password, and IP address assigned to the user must be enclosed in double quotation marks. The "service" is generally pptpd. For reference, the following is an instance of pptpd. conf and chap-secrets:
# More/etc/pptpd. conf
Localip 192.168.1.254 (Server ip)
Remoteip 192.168.1.230-240 (address pool allocated to the client)
# More/etc/ppp/chap-screts
"Guoxing" (User Name) pptpd "guoxing" (password) "*" (ip address retrieved from the address pool)
"Public" pptpd "wgzx" "192.168.1.202" (you can specify the ip address allocated to the client)
3. Client Configuration
To use the windows Network Connection wizard, you only need to select "connect to VPC through ineternet (V)" to complete the configuration step by step. Note: the IP address of the VPN Server must be the unique Unicast address in the world, that is, the eth0 address of the gateway server.
4. Enable the VPN Service
Before enabling VPN, make sure that the kernel IP forwarding function is enabled. Then run the command # service pptpd start to enable VPN and wait for remote user access.
Ps: At the beginning, I downloaded the four software packages required by vpn from the Internet. They were downloaded from the open-source community but could not be installed. It was strange that I got these four software packages from another channel, the discovery is much larger than the files provided by the open-source community, and is finally installed, so do not be superstitious. In addition, the address of the vpn Server set in it is a local address, which is equivalent to the eth0 address. When connecting to the Intranet as a client, enter the eth1 address of the vpn Server (which must be globally unique). The linux server also needs packet forwarding.