PPTP from getting started to mastering CentOS series

Today, let's talk about how to build a PPTP-VPN in linux, PPTP (PointtoPointTunnelingProtocol), that is, point-to-Point Tunneling Protocol. This protocol is a new enhanced security protocol developed on the basis of the PPP protocol. it supports multi-protocol virtual private network (VPN) and can pass the password verification protocol (PAP) and Extensible Authentication Protocol (EAP) to enhance security. Remote users can dial in to the ISP, connect to the Internet directly, or access other networks.

Today, let's talk about how to build a PPTP-VPN in linux, PPTP (Point to Point Tunneling Protocol), that is, Point to Point Tunneling Protocol. This protocol is a new enhanced security protocol developed on the basis of the PPP protocol. it supports multi-protocol virtual private network (VPN) and can pass the password verification protocol (PAP) and Extensible Authentication Protocol (EAP) to enhance security. This allows remote users to access Cen through an ISP, a direct connection to the Internet, or other networks.

First, let me talk about the environment. I use the centos5.8. software package, which is the ppp installed by yum. Pptpd uses wget for download.

Next we will start to introduce the installation steps:

1. install ppp

Yum install-y ppp

2. download pptpd

 

Wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpm (for 32-bit systems) wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.x86_64.rpm (for 64-bit systems)

3. install pptpd

 

Rpm-ivh pptpd-1.3.4-1.rhel5.1.i386.rpm (for 32-bit systems) rpm-ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm (for 64-bit systems)

4. configure pptpd

Edit the/etc/pptpd. conf file: cp/etc/pptpd. conf/etc/pptpd. conf. bakvim/etc/pptpd. conf

Option/etc/ppp/options.ppt pd
Logwtmp
Localip 192.168.9.1
Remoteip 192.168.9.11-30

Localip indicates the IP address of the server (set according to the actual situation), remoteip indicates the IP address assigned to the client, which can be set as a range. Here we use the default pptp configuration

Next, edit the/etc/ppp/options.ppt pd file and add the ccn dns for the VPN.

Cp/etc/ppp/options.ppt pd. bak

Vim/etc/ppp/options.ppt pd adds the following two lines at the end: Generally, you only need to modify the ms-dns and assign the IP address of the DNS server to the VPN client.

Ms-dns 202.106.0.20

Set the pptp VPN account password and edit the/etc/ppp/chap-secrets file:

Vim/etc/ppp/chap-secrets

Follow the "user name pptpd password *" format, one account and one password per line. For example, if the user name is test and the password is 123456:

Test pptpd 123456 * (ip address assigned to the test user)

5. modify kernel settings to support forwarding

Vim/etc/sysctl. conf. ipv4.ip _ forward "is changed to 1 and becomes the following form: net. ipv4.ip _ forward = 1 save and exit, and execute the following command to take effect: sysctl-p

6. enable the pptpd service and set it to boot automatically

/Etc/init. d/pptpd start
Shutting down pptpd: [FAILED]
Starting pptpd: [OK]

Then, set chkconfig pptpd on to enable automatic startup.

Next, let's take a look at what problems will occur during the installation process:

1. when installing the pptpd rpm Package

 

If the following error is reported during installation: warning: pptpd-1.3.4-1.rhel5.1.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 862acc42: NOKEY
Error: Failed dependencies:
Ppp = 2.4.4 is needed by pptpd-1.3.4-1.rhel5.1.x86_64 add two parameters after the installation package, as follows: rpm-ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm -- nodeps -- force plus the meaning of the two parameters is that,
During installation, the dependency between packages is not analyzed and directly installed,

No more error: Failed dependencies:

2. when the service is last started

Warning: a pptpd restart does not terminate existing
Connections, so new connections may be assigned the same IP
Address and cause unexpected results. Use restart-kill
Destroy existing connections during a restart.

When the VPN service is restarted, the existing VPN connection cannot be terminated. Therefore, after the VPN service is restarted, assign the same IP address to the connected VPN client. To solve the preceding problem, you can run the "service pptpd restart-kill" command to disconnect all existing VPN connections when stopping the VPN service, run the "service pptpd start" command to restart the VPN service.

Finally, let's talk about how to test:

First, right-click the network properties in win 7 and then click the first new connection vpn

 

 

The connection is complete.

Summary

Default port number of pptp: 1723 point-to-Point Tunneling Protocol (PPTP) is a network technology that supports multi-protocol virtual private network. it works on the second layer. With this protocol, remote users can securely access the company's network through Microsoft Windows NT Workstation, Windows xp, Windows 2000, Windows 7, and other systems with point-to-point protocols, and can be connected to a local ISP by dialing, and securely linked to the company network through the Internet.