Installing VPN servers in Linux pptpd step tutorial

Environment:

[Root@vpn_server network-scripts]# Cat/etc/redhat-release

CentOS Release 6.6 (Final)

[Root@vpn_server network-scripts]# Uname-m

x86_64

Preparation:

C64

RPM-IVH http://mirrors.aliyun.com/epel/6/x86_64/epel-release-6-8.noarch.rpm

Yum Install Yum-priorities-y

C32

RPM-IVH http://mirrors.aliyun.com/epel/6/i386/epel-release-6-8.noarch.rpm

Yum Install Yum-priorities-y

Join Yum Source

RPM-UVH http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm

Experiment topology:

OS IP Role
Linux eth0:198.168.136.137 pptp_server (vpn_server)
Win7 vpn_client

Goal:

Users (Vpn_client) through PPTP (vpn_server), the realization of the wall-surfing function.

Check to see if the server has the necessary support. If the check results do not have these support, it is not possible to install PPTP, execute instructions:

Modprobe ppp-compress-18 && Echo OK

After this execution, the display of "OK" indicates that it is passed. But then another check is required, and the instructions are entered:

Cat/dev/net/tun

If the instruction shows the result to the following text, it means:

Cat:/dev/net/tun:file Descriptor in

All two of these are approved before PPTP can be installed. Otherwise you can only consider OpenVPN, or ask your service provider to solve this problem

[Root@vpn_server soft]# modprobe ppp-compress-18 && echo OK

Ok

[Root@vpn_server soft]# Cat/dev/net/tun

Cat:/dev/net/tun:file Descriptor in

The Cent OS 6.4 kernel version is above 2.6.15, with the default integration of MPPE and PPP

1 Install PPP,PPTPD and iptables (iptables optional).

By default, the complete CentOS comes with these two components, but a thin version of the system may not. We enter the following command to confirm that if not, install

Yum Install Pptpd-y

2 Configure PPTP.

First, we're going to edit the/etc/pptpd.conf file

Locapip "and" Remoteip "These two configuration items, will precede the"; " The annotation character is removed, or changed to the IP segment value you expect.

Localip represents the IP of the server,

REMOTEIP represents the IP address assigned to the client

[Root@vpn_server soft]# echo "Localip 198.168.136.137" >>/etc/pptpd.conf

[Root@vpn_server soft]# echo "Remoteip 172.16.1.10-15" >>/etc/pptpd.conf

[Root@vpn_server soft]# Tail-2/etc/pptpd.conf

Localip 198.168.136.137

Remoteip 172.16.1.10-15

In the edit/ETC/PPP/OPTIONS.PPTPD file, add DNS for VPN:

[Root@vpn_server soft]# echo "Ms-dns 114.114.114.114" >>/etc/ppp/options.pptpd

[Root@vpn_server soft]# echo "Ms-dns 8.8.8.8" >>/etc/ppp/options.pptpd

[Root@vpn_server soft]# Tail-2/etc/ppp/options.pptpd

Ms-dns 8.8.8.8

Ms-dns 114.114.114.114

Set the PPTP VPN account password. We need to edit/etc/ppp/chap-secrets.

This file: #vim/etc/ppp/chap-secrets in this file, according to the "Username pptpd password *" Written in the form of a line of account and password

For example, if you add a user named Test with a password of 123456, edit the following: Test pptpd 123456 *

[Root@vpn_server soft]# echo "Test pptpd 123456 *" >>/etc/ppp/chap-secrets

[Root@vpn_server soft]# tail-1/etc/ppp/chap-secrets

Test pptpd 123456 *

Modify the kernel settings so that it supports forwarding. Edit/etc/sysctl.conf File:

#vim/etc/sysctl.conf "Net.ipv4.ip_forward" to 1, into the following form. net.ipv4.ip_forward=1

Save the exit and execute the following command to take effect on it:

#sysctl-P

Add iptables forwarding rules. Enter the following directive:

Iptables-t nat-a postrouting-s 172.16.1.0/24-o eth0-j Masquerade

Iptables-a input-i eth0-p tcp–dport 1723-j ACCEPT

Iptables-a forward-i ppp+-o eth0-j ACCEPT

Iptables-a forward-i eth0-o ppp+-j ACCEPT

Iptables-a input-i eth0-p gre-j ACCEPT

Iptables-a input-m state–state established,related-j ACCEPT

Note that the "172.16.1.0/24″" in this directive is changed according to the "Localip" segment of the previous configuration file.

Service Iptables Save

Start pptpd

[Root@vpn_server soft]#/etc/init.d/pptpd start

Starting pptpd: [OK]

[Root@vpn_server soft]# Netstat-lntp|grep pptpd

TCP 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 4129/pptpd

Operating on the Vpn-client

Create a new network connection, slightly