Implement remote LAN access in Linux

Source: Internet
Author: User
Article Title: implement remote LAN access in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
This article introduces a method to build a dial-up server using two serial ports of a Linux server. remote users can connect to the LAN through dialing to facilitate information transfer and resource sharing.
  
The configuration environment for the author is the Red Hat 8.0 Linux operating system, the required hardware includes two external Modem (connected to the COM1 and COM2 ports respectively) and two telephone lines. The implementation steps are as follows:
  
   1. initialize a serial device
  
Add the following two lines to the/etc/inittab file to initialize two serial devices: ttyS0 and ttyS1:
  
S0: 345: respawn:/sbin/mgetty-D-X 3 ttyS0
  
S1: 345: respawn:/sbin/mgetty-D-X 3 ttyS1
  
Then, run the "/sbin/init q" command to make the change take effect.
  
   2. Specify the authentication method
  
Create the ppplogin file in the/etc/PPP directory. The content is as follows:
  
#! /Bin/sh
  
/Usr/sbin/pppd auth-chap + pap login
  
This file specifies that the user uses PAP authentication for logon. PAP and CHAP are two authentication protocols for the PPP service.
  
After saving the file, set the execution permission for the file:
  
# Chmod a + x/etc/ppp/ppplogin
  
Then, change the/etc/mgetty + sendfax/login. config file, remove the comment in front of "/AutoPPP/", and change it to the following content:
  
/AutoPPP/--/etc/PPP/ppplogin
  
   3. Modify the options file
  
Modify the/etc/PPP/Options file as follows;
  
Detach
  
Modem
  
Lock
  
Crtscts
  
Asyncmap 0
  
Netmask 255.255.255.0
  
Proxyarp
  
Ms-dns 192.168.11.1
  
The "detach" option is very important. If this option is not specified, the dial-up program will enter the background, so that the Shell script exits, followed by the serial line being hung up, resulting in connection suspension. "Detach" prevents tty devices from being controlled by PPPD.
  
The "Modem" option enables PPPD to monitor the DTR lead and check whether the peer is offline.
  
The "Lock" option specifies that UUCP-style locking is used on the serial device.
  
The crtscts option is used to enable the hardware handshake signal.
  
Asyncmap 0 sets asynchronous character ing. This ing specifies that control characters cannot be directly sent through connections and must be escaped first.
  
"Netmask 255.255.255.0" sets the network mask of the PPP network interface.
  
The "proxyarp" option enables the ARP proxy function.
  
"Ms-dns" 201711.1 "specifies the DNS server address in the LAN. If not, it can be set.
  
   4. assign an IP address to the dial-in user
  
Create/etc/ppp/Options. ttyS0 and/etc/ppp/
  
Options. ttyS1:
  
# Vi options. ttyS0
  
192.168.11.3: 192.168.11.242
  
# Vi options. ttys1
  
192.168.11.3: 192.168.11.243
  
"192.168.11.3" is the IP address of the Linux machine used as the dial-up server, "192.168.
  
11.242 and 192.168.11.243 are the IP addresses assigned to the COM1 port and COM2 port respectively.
  
   5. Password Verification
  
Edit the/etc/PPP/pap-secrets file as follows:
  
** "Secret" 192.168.11.242
  
** "Password" 192.168.11.243
  
As shown above, each line of code contains four columns, representing the user name, server address, password value, and IP address list respectively. "*" Indicates that it can match any content.
  
After you dial in, if you need to access other servers in the LAN, you must enable the IP forwarding function:
  
Echo 1>/proc/sys/net/ipv4/ip_forward
  
To automatically remove a connection after a period of free time, add the following line to/etc/ppp/options:
  
Idle 600
  
In the above Code, "600" indicates 600 seconds, that is, 10 minutes.
  
If the/sbin/mgetty file and the/etc/mgetty + sendfax/login. config file cannot be found in the corresponding directory, install the mgetty package.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.