Set up a gateway, DHCP, and VPN Server with Ubuntu 10.04

Source: Internet
Author: User

In March 1, the gateway server of the lab was uncertain blocked. After checking the line and making a new crystal head, it didn't help. So I had to use the 10 m network port on the lab floor. The turtle was so horrible.

Today, they only learned from the computing center that the gateway server had been banned because of viruses. Although the original gateway Server was newly purchased, it still had trouble constantly, and the network was disconnected from time to time. This time it was still infected with a virus. Windows was indeed not a Server material, and even the 2008 Server version was still so vulnerable.


Finally, I was unable to bear it. I made up my mind to reinstall the system and migrate it to the Linux platform. Although the lab's windows friends are skeptical about this, I believe they will change their views after that.

There is no doubt that we chose Ubuntu. The alpha3 version was released in 10.04 a few days ago. Although it is unstable alpha, we will consider that 10.04 will be an LTS version and the validity period is up to 5 years, so I decided to take a risk, 10.04 Desktop AMD64 alpha3.

The following describes how to configure various services:

[Dual NIC address]
Modify/etc/network/interfaces
Auto eth0
Iface eth0 inet static
Address 162.105.30.130
Netmask 255.255.255.0
Gateway 162.105.30.1

Auto eth1
Iface eth1 inet static
Address 192.168.1.1
Netmask 255.255.255.0

[NAT] gateway service
Modify/etc/sysctl. conf
Net. ipv4.ip _ forward = 1
Net. ipv6.conf. all. forwarding = 1
Run
Sudo iptables-t nat-a postrouting-s 192.168.1.0/24-j MASQUERADE
Sudo iptables-a forward-p tcp -- syn-s 192.168.1.0/24-j TCPMSS -- set-mss 1156
Sudo iptables-save> iptables-rules
Sudo mv iptables-restore/etc/
The first rule above is to forward all LAN requests to the Internet.
The second rule is irrelevant to the gateway and is written for the VPN.
Modify the/etc/rc. local STARTUP script and add:
Iptables-restore </etc/iptables-rules

[DHCP]
Installation package:
Sudo apt-get install dhcp3-server
Modify the/etc/default/dhcp3-server configuration file
INTERFACES = "eth1"
Modify the/etc/dhcp3/dhcpd. conf configuration file
Option domain-name-servers 162.105.129.27, 162.105.129.26, 202.112.7.13;


Subnet 192.168.1.0 netmask 255.255.255.0 {
Range 192.168.1.2 192.168.1.200;
Option subnet-mask limit 255.0;
Option routers 192.168.1.1;
}

[VPN]
Install software package
Sudo apt-get install pptpd
Modify the/etc/pptpd. conf configuration file
Localip 192.168.1.201
Remoteip 192.168.1.202-245
Modify the/etc/ppp/options configuration file
Ms-dns 162.105.129.27
Ms-dns 162.105.129.26
Modify the/etc/ppp/chap-secrets file and set the password
Username pptpd password *

It is worth mentioning that the MTU setting of VPN is not followed by the rule about iptables mtu previously written. Vpn can still be used normally, but it is only a small part of the website, such as not going to school. After trying the mss length one by one, the configuration of 1156 is finally obtained.
 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.