pptpd VPN requires kernel support for MPPE. If your kernel does not support it, contact your service provider.
First, check whether the server supports ppp before installation.
Run the command below to test whether your kernel supports MPPE; you should get "OK" in return:
# modprobe ppp-compress-18 && echo OK
FATAL: Could not load /lib/modules/2.6.18-028stab066.10/modules.dep: No such file or directory
Check whether tun/tap is enabled on the server.
# cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state
The returned information above indicates that tun/tap is enabled on the server.
Start the configuration below.
First install ppp and iptables.
yum install -y ppp iptables
If the following error occurs:
[root@mail ~]# yum install -y ppp iptables
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.kernel.org
 * updates: mirrors.kernel.org
 * addons: mirrors.kernel.org
 * extras: mirrors.kernel.org
http://download.lxlabs.com/download/update/centos-5/ I #/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (-3, Temporary failure in name resolution)>
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: lxlabsupdate. Please verify its path and try again
Run "yum clean all" first, and then run "yum install -y ppp iptables" again.
Download pptpd.
32-bit operating system:
wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpm
64-bit operating system:
wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.x86_64.rpm
Install pptpd.
32-bit operating system:
rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm
64-bit operating system:
rpm -ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm
Next, edit the /etc/pptpd.conf file: remove the comment marks from the following two lines, or add the lines directly.
vim /etc/pptpd.conf
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
Add the VPN user and password, keeping the entry in the format below.
vim /etc/ppp/chap-secrets
username pptpd password *
Set DNS to Google DNS.
vim /etc/ppp/options.pptpd
To test, enable debug and dump:
# Logging
# Enable connection debugging facilities.
# (see your syslog configuration for where pppd sends to)
debug
# Print out all the option values which have been set.
# (often requested by mailing list to verify options)
dump
By default, this information is written to /var/log/messages.
Change ms-dns:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
The configuration options are explained below:
# Equivalent to the domain used for identity authentication. It must correspond to the content in /etc/ppp/chap-secrets.
name pptpd
# Transmission encryption. ppp-2.4.2 and later versions only support MPPE encryption; the kernel module is ppp_mppe.o
# Refuse PAP authentication
refuse-pap
# Refuse CHAP authentication
refuse-chap
# Refuse MS-CHAP authentication
refuse-mschap
# Use the MS-CHAP v2 (Microsoft Challenge Handshake Authentication Protocol, Version 2) authentication method
require-mschap-v2
# Note: MPPE encryption must be used together with MS-CHAP v2 authentication
require-mppe-128
# Assign the DNS address and WINS server address to the client
ms-dns 202.99.96.68
# ms-wins 10.0.0.4
# Start the ARP proxy. If the IP address assigned to the client is in the same subnet as the intranet NIC, you must enable the ARP proxy.
proxyarp
Edit the /etc/sysctl.conf file, find the line "net.ipv4.ip_forward = 1", and remove the comment mark in front of it. If the line is not there, add it.
net.ipv4.ip_forward = 1
Run the following command to make the configuration take effect.
sysctl -p
Restart pptpd.
/etc/init.d/pptpd restart
Enable iptables forwarding.
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
Finally, set iptables and pptpd to start automatically at boot.
chkconfig pptpd on
chkconfig iptables on
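A quick way to check the result of the steps above, as an added example that is not part of the original page: the script confirms that the authentication and encryption options listed for /etc/ppp/options.pptpd are active, that the debug and dump options enabled for testing are no longer set, and that /etc/ppp/chap-secrets, which stores passwords in plain text, is not accessible to group or other. The script name audit.sh, the function names, the mode 600 policy and the advice to turn debug and dump off after testing are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the original page): audit the pptpd settings above.

# has_opt FILE OPTION: succeeds if OPTION is an active (uncommented) line.
has_opt() {
    grep -Eq "^[[:space:]]*$2([[:space:]]|\$)" "$1"
}

# audit_options FILE: print one finding per line; fail if there are any.
audit_options() {
    findings=0
    # Authentication and encryption options the page sets in options.pptpd.
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        if ! has_opt "$1" "$opt"; then
            echo "missing: $opt"
            findings=$((findings + 1))
        fi
    done
    # The page enables these for testing; assumption: turn them off afterwards.
    for opt in debug dump; do
        if has_opt "$1" "$opt"; then
            echo "test option still enabled: $opt"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# audit_secrets FILE: chap-secrets holds plaintext passwords, so fail if
# group or other have any permission bits (assumed policy: mode 600).
audit_secrets() {
    perms=$(ls -ld "$1" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "chap-secrets is accessible to group/other: $perms"
        return 1
    fi
}

# Audit the real files only when called as: sh audit.sh audit
if [ "${1:-}" = "audit" ]; then
    rc=0
    audit_options /etc/ppp/options.pptpd || rc=1
    audit_secrets /etc/ppp/chap-secrets || rc=1
    exit "$rc"
fi
```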