How to install and configure pptp vpn Client in CentOS

This article describes in detail how to install a VPN client in CentOS (note that it is not a VPN server)

1. Install software

[Root @ webserver ~] # Yum install ppp pptp-setup

2. Register the ppp_mppe kernel module

[Root @ webserver ~] # Modprobe ppp_mppe

3. Create a VPN connection

Custom connection name: vpn

PPTP Server: 123.456.78.90

User Name: sun

Password 123456

[Root @ webserver ~] # Pptpsetup -- create vpn -- server 123.456.78.90 -- username sun -- password 123456

4. Configure the VPN to enable and disable the script

[Root @ webserver ~] # Cp/usr/sharing/doc/ppp-2.4.5/scripts/pon/usr/sbin/
[Root @ webserver ~] # Cp/usr/share/doc/ppp-2.4.5/scripts/poff/usr/sbin/
[Root @ webserver ~] # Chmod + x/usr/sbin/pon
[Root @ webserver ~] # Chmod + x/usr/sbin/poff

5. Enable VPN connection

[Root @ webserver ~] # Pon vpn

6. Verify that the connection is successful.

[Root @ webserver ~] # Ip a | grep ppp

If no result is returned from the preceding command, the connection fails. You can view the error cause of the/var/log/message File query.

[Root @ webserver ~] # Tailf/var/log/messages

(1) the server does not support MPPE.

If the error message is:

[Root @ webserver ~] # MPPE required but peer negotiation failed

This indicates that the server does not support MPPE encryption, and The-encrypt option is not required for pptpsetup. You can modify the/etc/ppp/peers/vpn file and comment it out.

[Root @ webserver ~] # Require-mppe-128

(2) the client does not support MPPE.

If the error message is:

[Root @ webserver ~] # LCP terminated by peer (MPPE required but peer refused)

This indicates that the server requires MPPE encryption, but the client does not support it. The-encrypt option is missing during pptpsetup. Add a line to the/etc/ppp/peers/vpn file

[Root @ webserver ~] # Require-mppe-128

Restart the VPN connection.

[Root @ webserver ~] # Poff vpn
[Root @ webserver ~] # Pon vpn

7. Configure the default route so that all traffic passes through the VPN

After the connection is successful, view the route

[Root @ webserver ~] # Route-n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
123.456.78.90 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.0.0 U 1 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

A virtual network port ppp0 is added, and a default route is added.

[Root @ webserver ~] # Route add-net 0.0.0.0 dev ppp0

Restart VPN

8. Test

You can ping Google. Success!

[Root @ webserver ~] # Ping www.google.com-c 3
PING www.google.com (216.58.221.132) 56 (84) bytes of data.
64 bytes from hkg07s02-in-f4.1e100.net (216.58.221.132): icmp_seq = 1 ttl = 54 time = 155 MS
64 bytes from hkg07s02-in-f4.1e100.net (216.58.221.132): icmp_seq = 2 ttl = 54 time = 164 MS
64 bytes from hkg07s02-in-f4.1e100.net (216.58.221.132): icmp_seq = 3 ttl = 54 time = 174 MS
 
--- Www.google.com ping statistics ---
3 packets transmitted, 3 bytes ed, 0% packet loss, time 2177 ms
Rtt min/avg/max/mdev = 155.234/164.742/174.020/7.671 MS