Solve the centos vpn619 Error
The building process is the same as that on the Internet: Check whether the server has the necessary support. Command:
Modprobe ppp-compress-18 & echo OK
After this execution, "OK" indicates that the execution is successful. However, another check is required. Enter the following command:
Cat/dev/net/tun
If the following information is displayed, ticket can be activated for vps vendors if not supported. Most vps vendors in the United States can:
Cat:/dev/net/tun: File descriptor in bad state
The above two can install VPN (pptp) only once they pass through)
First, install the relevant software to configure the VPN:
Yuminstall-ywgetperlppp
Use wget to download the vpn Installer:
Wgethttp: // poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.i686.rpm
Rpm-ivhpptpd-1.4.0-1.el6.i686.rpm
Configure the dns server in the vpn:
Cat>/etc/ppp/options.ppt pd <EOF
Ms-dns 8.8.8.8
Ms-dns8.8.8.4
EOF
Configure the IP address allocated in the VPN
Cat>/etc/pptpd. conf <EOF
Localip 192.168.6.1
Remoteip 192.168.6.2-254
EOF
Configure the VPN and account and password
Cat>/etc/ppp/chap-secrets <EOF
Vpntest pptpd 654321 *
EOF
Modify the kernel settings to support forwarding. Edit the/etc/sysctl. conf file:
Vi/etc/sysctl. conf
Change "net. ipv4.ip _ forward" to 1:
Net. ipv4.ip _ forward = 1
At the same time, add # Before "net. ipv4.tcp _ syncookies = 1 #:
# Net. ipv4.tcp _ syncookies = 1
Add firewall rules:
Iptables-t nat-a postrouting-s 192.168.6.0/255.255.255.0-j SNAT -- to-source 10.10.10.20.
Iptables-a forward-p tcp -- syn-s 192.168.6.0/255.255.255.0-j TCPMSS -- set-mss 1356
Iptables-t nat-a postrouting-s 192.168.0.0/255.255.255.0-o eth0-j MASQUERADE
Iptables-a input-p tcp -- dport 1723-j ACCEPT
Iptables-AINPUT-s 192.168.6.0/255.255.255.0-j ACCEPT
Iptables-AINPUT-p UDP -- dport 53-j ACCEPT
# // 10.10.20.local IP Address
Start the VPN service and set it to self-start
Servicepptpdstart
Chkconfigpptpdon
Servicepptpd restart-kill; service pptpd start
Configuration completed:
More/etc/pptpd. conf | grep-v ^ #
Option/etc/ppp/options.ppt pd
Localip 192.168.6.1
Remoteip 192.168.6.2-254
More/etc/ppp/options.ppt pd | grep-v ^ #
Name pptpd
Refuse-pap
Refuse-chap
Refuse-mschap
Require-mschap-v2
Require-mppe-128
Ms-dns 8.8.8.8
Ms-dns 8.8.8.4
Proxyarp
Lock
Nobsdcomp
Novj
Novjccomp
Nologfd
The above configuration always reports error 619:
I have seen many online strategies;
1. rm/dev/ppp
Mknod/dev/ppp c 108 0
2. If the error code is still unavailable (sometimes error 651 occurs), view the log in/var/log/messages and find the following:
Jan 2 07:26:11 fr pptpd [1604]: CTRL: Starting call (launching pppd, opening GRE) Jan 2 07:26:11 fr pppd [1605]: plugin/usr/lib/pptpd/pptpd-logwtmp.so is for pppd version 2.4.3, this is 2.4.5Jan2 07:26:11 fr pptpd [1604]: GRE: read (fd = 6, buffer = 804fa20, len = 8196) from PTYfailed: status =-1 error = Input/output error, usually caused by unexpectedtermination of pppd, check option syntax and pppd logsJan 2 07:26:11 fr pptpd [1604]: CTRL: PTY read or GRE write failed (pty, gre) = (6, 7) Jan 2 07:26:11 frpptpd [1604]: CTRL: Client X. x. x. X control connection finished
Logwtmp plug-in version incompatibility error!
Vi/etc/pptpd. conf
Find logwtmp and add #
Service pptpd restart still reports error and cannot log on;
3. tail-100f/var/log/messages
Aug 12 20:25:34 localhost pppd [9614]: The remote system is required to authenticate itself
Aug 12 20:25:34 localhost pppd [9614]: but I couldn't find any suitable secret (password) for it to use to do so.
The error message is an authentication error. Pay attention to setting the user format in step 2.
Solution: Add noauth to the end of the configuration file/etc/ppp/options. It seems that the error still persists ......
There are also questions about route settings on the Internet. This troubleshooting is not caused by routes;
In the end, the user can set the user name and add quotation marks to make it cheerful.
Vim/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# Client server secret IP addresses
"Username" pptpd "password "*
The problem is solved!
Peer from calling number 10.10.10.91 authorized
Aug 12 20:32:21 localhost pppd [9913]: MPPE 128-bit stateless compression enabled
Aug 12 20:32:24 localhost pppd [9913]: Cannot determine ethernet address for proxy ARP
Aug 12 20:32:24 localhost pppd [9913]: local IP address 192.168.6.1
Aug 12 20:32:24 localhost pppd [9913]: remote IP address 192.168.6.2
Sometimes a punctuation or a character may cause an inexplicable problem. There is always a solution to the problem of finding a log ~