Step-by-step tutorial: installing a pptpd VPN server on Linux

Source: Internet
Author: User
Tags: centos iptables aliyun

Environment:

[root@vpn_server network-scripts]# cat /etc/redhat-release

CentOS release 6.6 (Final)

[root@vpn_server network-scripts]# uname -m

x86_64


Preparation:

64-bit (x86_64):

rpm -ivh http://mirrors.aliyun.com/epel/6/x86_64/epel-release-6-8.noarch.rpm

yum install yum-priorities -y


32-bit (i386):

rpm -ivh http://mirrors.aliyun.com/epel/6/i386/epel-release-6-8.noarch.rpm

yum install yum-priorities -y

Add the pptp yum repository:

rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm

Experiment topology:

OS      IP                      Role
Linux   eth0: 198.168.136.137   pptp_server (vpn_server)
Win7                            vpn_client

Goal:

The user (vpn_client) connects through the PPTP server (vpn_server) to browse past the firewall.

First check whether the server has the required kernel support. Without it, PPTP cannot be installed. Run:

modprobe ppp-compress-18 && echo ok

If this prints "ok", the first check has passed. A second check is also required. Run:

cat /dev/net/tun

If the command prints the following text, the check has passed:

cat: /dev/net/tun: File descriptor in bad state

Both checks must pass before PPTP can be installed. Otherwise, consider OpenVPN instead, or ask your service provider to resolve the problem.

[root@vpn_server soft]# modprobe ppp-compress-18 && echo ok

ok

[root@vpn_server soft]# cat /dev/net/tun

cat: /dev/net/tun: File descriptor in bad state

The CentOS 6.4 kernel is newer than 2.6.15, so MPPE and PPP support are integrated by default.

1. Install ppp, pptpd and iptables (iptables is optional).

A full CentOS installation includes these two components by default, but a minimal installation may not. Run the following command to install them if they are missing:

yum install pptpd -y

2. Configure PPTP.

First, edit the /etc/pptpd.conf file.

Find the "localip" and "remoteip" configuration items and remove the ";" comment character in front of them, or change them to the IP range you want.

localip is the IP address of the server.

remoteip is the range of IP addresses assigned to clients.

[root@vpn_server soft]# echo "localip 198.168.136.137" >> /etc/pptpd.conf

[root@vpn_server soft]# echo "remoteip 172.16.1.10-15" >> /etc/pptpd.conf

[root@vpn_server soft]# tail -2 /etc/pptpd.conf

localip 198.168.136.137

remoteip 172.16.1.10-15

Next, edit the /etc/ppp/options.pptpd file and add DNS servers for the VPN:

[root@vpn_server soft]# echo "ms-dns 114.114.114.114" >> /etc/ppp/options.pptpd

[root@vpn_server soft]# echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd

[root@vpn_server soft]# tail -2 /etc/ppp/options.pptpd

ms-dns 8.8.8.8

ms-dns 114.114.114.114

Set the PPTP VPN account and password by editing /etc/ppp/chap-secrets:

# vim /etc/ppp/chap-secrets

In this file, write one account per line in the form "username pptpd password *".

For example, to add a user named test with the password 123456, add the line: test pptpd 123456 *

[root@vpn_server soft]# echo "test pptpd 123456 *" >> /etc/ppp/chap-secrets

[root@vpn_server soft]# tail -1 /etc/ppp/chap-secrets

test pptpd 123456 *
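
A check for the chap-secrets file built above, as an added example that is not part of the original tutorial. The function name and the 16-character minimum are assumptions. Because chap-secrets stores passwords in clear text, it flags a file accessible beyond its owner as well as secrets that are short, digits-only or equal to the user name.

```shell
#!/bin/sh
# Added example: audit a chap-secrets file (fields: client server secret IP).
# audit_chap_secrets FILE [MIN_LEN] prints one finding per line and
# returns 1 when anything is flagged. MIN_LEN (default 16) is an assumed policy.
audit_chap_secrets() {
    file=$1
    min_len=${2:-16}
    findings=$(
        # chap-secrets holds clear-text passwords: no group/other access bits.
        perms=$(ls -ld "$file" | cut -c5-10)
        [ "$perms" = "------" ] || echo "PERMS $file accessible beyond owner"
        awk -v min="$min_len" '
            /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
            NF < 3 { print "FORMAT line " NR " has fewer than 3 fields"; next }
            {
                user = $1; secret = $3
                gsub(/"/, "", secret)          # secrets may be double-quoted
                if (length(secret) < min)
                    print "SHORT " user ": secret shorter than " min " characters"
                if (secret ~ /^[0-9]+$/)
                    print "DIGITS " user ": secret is digits only"
                if (tolower(secret) == tolower(user))
                    print "SAME " user ": secret equals the user name"
            }' "$file"
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

Run it as `audit_chap_secrets /etc/ppp/chap-secrets`; the tutorial's test/123456 entry is reported as both SHORT and DIGITS.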

Modify the kernel settings to enable forwarding. Edit the /etc/sysctl.conf file:

# vim /etc/sysctl.conf

Change "net.ipv4.ip_forward" to 1, so that the line reads:

net.ipv4.ip_forward=1

Save and exit, then run the following command to apply the change:

# sysctl -p

Add the iptables forwarding rules. Run the following commands:

iptables -t nat -A POSTROUTING -s 172.16.1.0/24 -o eth0 -j MASQUERADE

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT

iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT

iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

iptables -A INPUT -i eth0 -p gre -j ACCEPT

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Note that "172.16.1.0/24" in these rules must be changed to match the "localip" segment set in the configuration file earlier.

service iptables save
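
A check on the saved ruleset, as an added example that is not part of the original tutorial. It assumes the stock CentOS 6 ruleset, which ends the INPUT and FORWARD chains with a catch-all REJECT, so rules appended with -A land after it and never match. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: list rules that can never match because an unconditional
# REJECT/DROP appears earlier in the same chain. Reads iptables-save text on stdin.
find_shadowed_rules() {
    awk '
        /^\*/      { table = substr($0, 2); next }   # table header, e.g. *filter
        $1 != "-A" { next }                          # only rule lines matter
        {
            key = table "/" $2                       # chains are per table
            if (key in blocked) { print table ": " $0; next }
            # "-A CHAIN -j REJECT|DROP ..." has no match options: catch-all.
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP"))
                blocked[key] = 1
        }'
}

# Constructed sample: a stock-style CentOS 6 filter table after the
# tutorial rules were appended with -A and saved.
sample_ruleset() {
    cat <<'EOF'
*nat
-A POSTROUTING -s 172.16.1.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eth0 -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -i eth0 -p gre -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -i ppp+ -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o ppp+ -j ACCEPT
COMMIT
EOF
}

sample_ruleset | find_shadowed_rules
```

On a live server, feed it `iptables-save` output; any rule it reports should be inserted ahead of the catch-all with `iptables -I` rather than appended.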

Start pptpd:

[root@vpn_server soft]# /etc/init.d/pptpd start

Starting pptpd: [ OK ]

[root@vpn_server soft]# netstat -lntp | grep pptpd

tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 4129/pptpd

On the vpn_client:

Create a new network connection (details omitted).
