Home > Developer > Windows

Quickly build a VPN Server for Small and Medium-sized Enterprises

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

VPN is an indispensable service for all Internet enterprises. Its existence greatly facilitates our office efficiency. When a Server failure occurs, engineers no longer need to take a taxi to the company to handle the problem. They can dial up and connect to the company at home, so they can handle the problem easily and happily. Of course, what I am talking about here is not a hardware device fault. If it is a physical fault, you still have to take a taxi to the company's office.

Currently, VPN is divided into two types: Software and Hardware. A powerful company will choose a hardware VPN, which is stable and easy to configure. Small companies can choose to use software for cost saving.

Today, we take PPTPD as an example to learn how to quickly build our own VPN Server in linux.

 
 
    
  
  
  1. Operating System: centos 5.8 x86_64 
    2. 
  
  
  2. Both single and dual NICs are supported.
     
    3.

Check the system environment before installation:

Check whether the system kernel supports the MPPE patch. If OK is displayed, the system supports the MPPE patch. If not, install kernel-devel first.

 
 
    
  
  
  1. modprobe ppp-compress-18 && echo ok 
    2.

Check whether TUN/TAP support is enabled.

 
 
    
  
  
  1. cat /dev/net/tun 
    2.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 133 "src =" http://www.bkjia.com/uploads/allimg/131228/0210152243-0.png "/>

You can install pptp only after both of the preceding steps are passed. Otherwise, you need to consider using other VPN service software.

Check whether ppp and iptables are installed. If not, install pptpd based on these software.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 133 "src =" http://www.bkjia.com/uploads/allimg/131228/0210154K0-1.png "/>

The installation command is as follows:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 188 "src =" http://www.bkjia.com/uploads/allimg/131228/0210155115-2.png "/>

Install pptpd:

 
 
    
  
  
  1. rpm -ivh http://acelnmp.googlecode.com/files/pptpd-1.3.4-2.rhel5.x86_64.rpm 
    2.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 70 "src =" http://www.bkjia.com/uploads/allimg/131228/021015D93-3.png "/>

Configure pptp. First, edit the/etc/pptpd. conf file:

 
 
    
  
  
  1. Vim/etc/pptpd. conf
    2. 
  
  
  2. Remove # from the field below. Here, set the IP address range that can be obtained by the default gateway and vpn Client: 
    3. 
  
  
  3. Localip 192.168.66.1
    4. 
  
  
  4. Remoteip 192.168.66.101-130
    5.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 136 "src =" http://www.bkjia.com/uploads/allimg/131228/021015LH-4.png "/>

Next, edit/etc/ppp/options.ppt pd:

 
 
    
  
  
  1. Vim/etc/ppp/options.ppt pd
    2. 
  
  
  2. Remove "#" before "ms-dns" and modify it to the following fields. Here we mainly set the DNS server to be used: 
    3. 
  
  
  3. Ms-dns 211.147.6.3
    4. 
  
  
  4. Ms-dns 202.106.0.20
    5.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 135 "src =" http://www.bkjia.com/uploads/allimg/131228/0210153Y0-5.png "/>

Set the pptp VPN account password. Edit the/etc/ppp/chap-secrets file:

 
 
    
  
  
  1. Vim/etc/ppp/chap-secrets
    2. 
  
  
  2. Enter the following field. An asterisk indicates that any IP address is allowed to connect to the VPN Server:
    3. 
  
  
  3. Testuser pptpd testpass *
    4.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 96 "src =" http://www.bkjia.com/uploads/allimg/131228/021015FN-6.png "/>

Modify the kernel settings to support forwarding. Edit the/etc/sysctl. conf file:

 
 
    
  
  
  1. Vim/etc/sysctl. conf
    2. 
  
  
  2. Change "net. ipv4.ip _ forward" to 1: 
    3. 
  
  
  3. Net. ipv4.ip _ forward = 1
    4.

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 448 "src =" http://www.bkjia.com/uploads/allimg/131228/0210152c2-7.png "/>

Save and exit, and execute the following command to take effect:

 
 
    
  
  
  1. sysctl -p 
    2.

Add iptables forwarding rules.

 
 
    
  
  
  1. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE 
    2. 
  
  
  2. iptables -I INPUT -p tcp --dport 47 -j ACCEPT 
    3. 
  
  
  3. iptables -I INPUT -p tcp --dport 1723 -j ACCEPT 
    4. 
  
  
  4. iptables -I INPUT -p gre -j ACCEPT 
    5.

Save the firewall settings.

 
 
    
  
  
  1. /etc/init.d/iptables save 
    2.

Set to automatically run the service at startup.

 
 
    
  
  
  1. chkconfig pptpd on 
    2. 
  
  
  2. chkconfig iptables on 
    3.

PPTPD server control method:

 
 
    
  
  
  1. Start the pptpd service:
    2. 
  
  
  2. /Etc/init. d/pptpd start
    3. 
  
  
  3. Stop pptpd: 
    4. 
  
  
  4. /Etc/init. d/pptpd stop
    5. 
  
  
  5. Restart pptpd:
    6. 
  
  
  6. /Etc/init. d/pptpd restart
    7. 
  
  
  7. Close the service and kill an online vpn Client: 
    8. 
  
  
  8. /Etc/init. d/pptpd restart-kill
    9. 
  
  
  9. View the current running status of pptpd: 
    10. 
  
  
  10. /Etc/init. d/pptpd status
    11.

Client connection test:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 196 "src =" http://www.bkjia.com/uploads/allimg/131228/0210151010-8.png "/>

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; border-top: 0px; border-right: 0px "title =" image "border =" 0 "alt =" image "height =" 383 "src =" http://www.bkjia.com/uploads/allimg/131228/0210154J5-9.png "/>

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131228/0210153350-10.png "/>

For more information about client VPN configuration, see Baidu.

Let's try it all. If you have any questions, please join me.

This article from the "small Cui's growth path" blog, please be sure to keep this source http://cyr520.blog.51cto.com/714067/1161788

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
cisco router for medium sized business build vpn server hp small and medium business account hp small and medium business store shared server for small business contrase a vpn android build and publish app for free

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More