Steps for installing and configuring a VPN server on CentOS 6.4

Source: Internet
Author: User
Detailed steps for installing and configuring a VPN server on CentOS 6.4, from installing the VPN packages to configuring the VPN server and its route forwarding function, with each step explained in detail.

1. VPN server environment description

Operating system: CentOS release 6.4 (Final)

Local NICs:

The code is as follows:
# ifconfig
em1       Link encap:Ethernet  HWaddr 78:2B:CB:42:C3:68
          inet addr:192.168.123.201  Bcast:192.168.123.255  Mask:255.255.255.0
em2       Link encap:Ethernet  HWaddr 78:2B:CB:42:C3:6A
          inet addr:10.100.100.201  Bcast:10.100.100.255  Mask:255.255.255.0

Note: the local NIC em1 accepts connections from VPN clients, and em2 connects to the servers on the 10.100.100.0 network segment.

Purpose:

(1) the VPN client can connect to the VPN server successfully;

(2) the VPN server can forward requests from the VPN client to the 10.100.100.0 network segment.

2. Install the VPN server packages

Use yum to install the ppp and pptp packages.

The code is as follows:
# yum -y install ppp*
# yum -y install pptp*
If yum does not have pptp, you can

3. Configure the VPN server

1. Edit the /etc/pptpd.conf file, find the "localip" and "remoteip" configuration items, and remove the preceding "#". Change the IP addresses that follow to the ones you want.

localip is the local IP address of the VPN server;

remoteip is the IP address range allocated to VPN clients when they connect to the server.


The code is as follows:
# vi /etc/pptpd.conf
ppp /usr/sbin/pppd
option /etc/ppp/options.pptpd
#logwtmp
localip 192.168.123.201
remoteip 192.168.0.234-238,192.168.0.245

2. Edit the file /etc/ppp/options.pptpd and add the DNS addresses at the end.


The code is as follows:
# vi /etc/ppp/options.pptpd
ms-dns 202.106.196.115
ms-dns 192.168.123.5

Save the file and exit.

3. Add a VPN client account and password


The code is as follows:
# vi /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
shen pptpd 123456 *

Here we have created one VPN user, shen, with the password 123456. Multiple accounts can be added, one account per row.

4. Start the VPN server

The code is as follows:
# /etc/init.d/pptpd restart

The VPN server is now built, but in a real environment the routing function still needs to be added to the VPN server.
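
As an added example (not part of the original article), the following shell function audits a chap-secrets file like the one edited in step 3. It flags short or digits-only secrets, entries that accept any client IP address, and file permissions looser than 600. The function name, the MIN_LEN threshold and the sample entry for alice are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a pppd chap-secrets file (client server secret IP-addresses).
# MIN_LEN is an assumed local policy value; pppd itself enforces no minimum.
MIN_LEN=${MIN_LEN:-12}

# audit_chap_secrets FILE
# Prints one finding per line. Returns 0 if clean, 1 on findings, 2 if unreadable.
# Assumes secrets contain no whitespace (quoted multi-word secrets are not parsed).
audit_chap_secrets() {
    file=$1
    status=0
    [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 2; }

    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
        echo "PERMS: $file is accessible to group or other (expected mode 600)"
        status=1
    fi

    findings=$(awk -v min="$MIN_LEN" '
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        {
            user = $1; secret = $3; addrs = $4
            gsub(/^"|"$/, "", secret)      # strip optional double quotes
            if (length(secret) < min)
                printf "WEAK: %s: secret shorter than %d characters\n", user, min
            else if (secret ~ /^[0-9]+$/)
                printf "WEAK: %s: secret is digits only\n", user
            if (addrs == "*")
                printf "ANYIP: %s: any client IP address is accepted\n", user
        }' "$file")
    if [ -n "$findings" ]; then
        echo "$findings"
        status=1
    fi
    return "$status"
}

# Demo on a constructed sample: the first entry mirrors the one in step 3.
sample=$(mktemp)
chmod 644 "$sample"
cat > "$sample" <<'EOF'
# client server secret IP addresses
shen pptpd 123456 *
alice pptpd "c0rrect-horse-battery" 192.168.0.245
EOF
audit_chap_secrets "$sample" || true
rm -f "$sample"
```

On the real server, run it as root against /etc/ppp/chap-secrets; the secrets in that file are stored in plain text, which is why the permission check matters.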

4. Configure the route forwarding function of the VPN server

1. Modify the kernel parameter file so that the system supports forwarding.

The code is as follows:
# vi /etc/sysctl.conf

Change the 0 in net.ipv4.ip_forward = 0 to 1.

Run the following command to make it take effect:

The code is as follows:
# sysctl -p

2. Configure the firewall to add forwarding rules

The code is as follows:
# iptables -t nat -A POSTROUTING -s 192.168.123.0/24 -o eth0 -j MASQUERADE

Note: traffic from the 192.168.123.0 CIDR block is forwarded out through the eth0 NIC.

5. FAQs

1. The following error occurs in the /var/log/messages log. How can this problem be solved?

Error log content: from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs

Solution:

Modify the /etc/pptpd.conf file, comment out the logwtmp line, and restart the pptpd service.

The code is as follows:
#logwtmp
# /etc/init.d/pptpd restart

Connect from the VPN client again and verify the user name and password.
