VPNServer Setup Guide under RHLinux9

Source: Internet
Author: User
Server: Red Hat Linux 9 Kernel 2.6.10
  
Client: Win2000 Pro/Server SP4, WinXP SP2
  
Server:
www.kernel.org
Kernel: linux-2.6.10.tar.bz2
  
http://www.polbox.com/h/hs001/
Kernel_patch: linux-2.6.10-mppe-mppc-1.2.patch.gz
pppd: ppp-2.4.3.tar.gz
pppd_patch: ppp-2.4.3-mppe-mppc-1.1.patch.gz
pptpd: pptpd-1.2.3.tar.gz
  
For convenience, you can put them in the same directory.
  
I do not like to use RPM for installation, so I use the source code for compilation and installation.
  
   I. Patch the kernel first
  
# tar xjvf linux-2.6.10.tar.bz2
# gunzip linux-2.6.10-mppe-mppc-1.2.patch.gz
# patch -p0 -i linux-2.6.10-mppe-mppc-1.2.patch
# ln -s linux-2.6.10 linux
# cd linux
# make menuconfig
Device Drivers -> Networking support ->
  
Compile "PPP support" into the kernel. You can also compile it as a module.
  
   PPP Support for async serial ports
   PPP Support for sync tty ports
   PPP Deflate compression
   Microsoft PPP compression/encryption (MPPC/MPPE)
Cryptographic options
  
Compile the "Cryptographic API" into the kernel. You can also compile it as a module. Make sure that the SHA1 and ARC4 support has been selected:
  
   SHA1 digest algorithm
   ARC4 cipher algorithm
  
Save the configuration file and exit
  
Compile the kernel
  
# make all modules modules_install install
  
Modify /etc/modprobe.conf (for kernel 2.4, modify /etc/modules.conf instead).
  
Reboot into the 2.6.10 kernel.
  
   II. Install PPP
  
Run rpm -qa | grep ppp to check whether the ppp-2.4.1-10 package that ships with RH9 is installed.
  
If it is, uninstall it first with rpm -e. There may be dependencies, so uninstall the packages in order, for example:
  
# rpm -e rp-pppoe-3.5-2
# rpm -e wvdial-1.53-9
# rpm -e ppp-2.4.1-10
  
# tar xzvf ppp-2.4.3.tar.gz
# gunzip ppp-2.4.3-mppe-mppc-1.1.patch.gz
# patch -p0 -i ppp-2.4.3-mppe-mppc-1.1.patch
# cd ppp-2.4.3
# ./configure
# make; make install
  
   III. Install pptpd
  
# tar xzvf pptpd-1.2.3.tar.gz
# cd pptpd-1.2.3
# ./configure
# make; make install
  
Related configuration files:
  
/etc/pptpd.conf
# Basic pptpd configuration file
/etc/ppp/options.pptpd
# VPN dial-in options
/etc/ppp/chap-secrets
# User name and password information
/etc/modules.conf
# Module loading information
(For kernel 2.4, modify /etc/modules.conf)
  
# vi /etc/pptpd.conf
ppp /usr/local/sbin/pppd
# Specify the pppd path
option /etc/ppp/options.pptpd
# Specify the location of the options file
localip 192.168.1.3
# Same as the server's LAN address
remoteip 192.168.1.230-239
# IP addresses allocated to clients
  
In this example, the range is 192.168.1.230 to 192.168.1.239. You can also specify a single address or several ranges separated by commas (,), for example 192.168.1.230-239,192.168.1.254.
  
# vi /etc/ppp/options.pptpd
  
name *
lock
mtu 1450
mru 1450
proxyarp
auth
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 3
lcp-echo-interval 5
deflate 0
# Handshake authentication method - encryption protocol type
+chap
+mschap-v2
# Data encryption method
mppe required,stateless
  
For more information, see man pppd or man pptpd.
  
# vi /etc/ppp/chap-secrets
# client server secret IP addresses
test x 12345 *
  
Because the password is stored in plain text, it is best to change the file's permissions: make root the owner and chmod 700.
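
The settings above can be checked mechanically. The following is an added example, not part of the original guide: a shell function that verifies an options file requires authentication, MS-CHAPv2 and MPPE, and that chap-secrets has no group or other permission bits. The function names and the constructed sample files are assumptions for illustration; file ownership is not checked.

```shell
#!/bin/sh
# Added example, not from the original guide: audit a pptpd setup.
# audit_pptpd OPTIONS_FILE SECRETS_FILE prints one line per finding
# and returns the number of findings (0 = nothing to fix).

# True if FILE has an uncommented line starting with an option matching ERE.
has_opt() {
    grep -Eq "^[[:space:]]*($2)([[:space:],]|\$)" "$1"
}

note() { echo "FINDING: $1"; findings=$((findings + 1)); }

audit_pptpd() {
    opts=$1; secrets=$2; findings=0
    [ -r "$opts" ] || { note "cannot read $opts"; return "$findings"; }
    has_opt "$opts" 'auth' ||
        note "'auth' missing: clients are not required to authenticate"
    has_opt "$opts" '\+mschap-v2|require-mschap-v2' ||
        note "MS-CHAPv2 is not required"
    has_opt "$opts" 'mppe[[:space:]]+required|require-mppe-128' ||
        note "MPPE is not required: a tunnel may come up unencrypted"
    # chap-secrets holds plain-text passwords: no group/other access at all.
    if [ -e "$secrets" ]; then
        bits=$(ls -ld "$secrets" | cut -c5-10)
        [ "$bits" = "------" ] ||
            note "$secrets is accessible to group/other ($bits)"
    else
        note "$secrets does not exist"
    fi
    return "$findings"
}

# Demo on constructed files that mirror this guide's settings.
demo() {
    d=$(mktemp -d)
    printf 'auth\n+chap\n+mschap-v2\nmppe required,stateless\n' > "$d/options.pptpd"
    printf 'test x 12345 *\n' > "$d/chap-secrets"
    chmod 644 "$d/chap-secrets"    # deliberately too open
    audit_pptpd "$d/options.pptpd" "$d/chap-secrets"; rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || echo "findings: $?"
```
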
  
# vi /etc/modules.conf
alias char-major-108 ppp_generic
alias /dev/ppp ppp_generic
alias tty-ldisc-3 ppp_async
alias tty-ldisc-14 ppp_synctty
alias ppp-compress-18 ppp_mppe_mppc
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
  
Restart
  
# reboot
  
Here the alias ppp-compress-18 ppp_mppe_mppc line seemed to have no effect for me, so I had to load the module manually:
  
# modprobe ppp_mppe_mppc
  
Confirm kernel support
  
# strings `which pppd` | grep -i mppe | wc --lines
30
### Should be greater than or equal to 30 ###
# strings `which pppd` | grep -i mppc | wc --lines
7
### Should not be 0 ###
# dmesg | grep MPPE
MPPE/MPPC encryption/compression module registered
  
Start pptpd
  
# /usr/local/sbin/pptpd
Mar 17 23:07:32 localhost pptpd [4471]: MGR: Manager process started
Mar 17 23:07:32 localhost pptpd [4471]: MGR: Maximum of 10 connections available
  
Set up the client connection and choose the custom settings in the security options; they follow the settings in options.pptpd:
  
Mar 17 23:09:59 localhost pptpd [4473]: CTRL: Client 192.168.1.136 control connection started
Mar 17 23:09:59 localhost pptpd [4473]: CTRL: Starting call (launching pppd, opening GRE)
Mar 17 23:09:59 localhost pppd [1, 4474]: pppd 2.4.3 started by root, uid 0
Mar 17 23:09:59 localhost pppd [1, 4474]: Using interface ppp0
Mar 17 23:09:59 localhost pppd [1, 4474]: Connect: ppp0 <--> /dev/pts/1
Mar 17 23:10:02 localhost pptpd [4473]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Mar 17 23:10:02 localhost pppd [1, 4474]: Mppcs/MPPE 128-bit stateless compression enabled
Mar 17 23:10:04 localhost pppd [1, 4474]: found interface eth0 for proxy arp
Mar 17 23:10:04 localhost pppd [1, 4474]: local  IP address 192.168.1.3
Mar 17 23:10:04 localhost pppd [1, 4474]: remote IP address 192.168.1.230
  
Successful!
  
Everything works except the line in red; what is the reason for it?
  
Note: For a 2.4.x kernel the procedure is similar; the differences are the patch file and the modules.conf file. Why are the pppd option files different? The pptp client is built on the PPP protocol, and PPP needs MPPE encryption support to work with certain PPTP servers.
  
The early version contains OpenSSL-licensed source code and is independent of the PPP project; this is PPP-MPPE 2.4.0 (red). The later version uses BSD-licensed source code and is part of the PPP project; this is PPP 2.4.2 and later (green). The third uses Jan Dubiec's patch and adds MPPC support (blue).
  
For each version, PPP MPPE support has two parts: support in the kernel and support in the pppd program. Both parts must come from the same version. If they do not match, pppd reports an error saying that the kernel does not support it. A detailed comparison of the two versions:
  
   PPP-MPPE 2.4.0
  
No further development?
No response to problems
Has known problems such as kernel panics
OpenSSL license directly conflicts with kernel license
When loaded, does not indicate a license conflict
Requires /etc/modules.conf changes
Module file name mppe.o (or ppp_mppe.o)
Options:
   +mppe-128 (inconsistent with existing option names)
   mppe-stateless
   require-chapms-v2 (incorrect protocol name)
  
   PPP 2.4.2 and later
  
Ongoing development by PPP project
Active response to problems by developers
Has no known problems at this time (stay tuned)
BSD license does not conflict (as much) with kernel license
When loaded, indicates a license conflict
Requires no /etc/modules.conf changes
Module file name ppp_mppe.o
Options:
   require-mppe-128
   nomppe-stateful
   require-mschap-v2
  
The pppd programs of these two versions also have different command line parameters.
  
If you upgraded from the old PPP-MPPE 2.4.0 package, modify the existing tunnels in the /etc/ppp/options.pptp and /etc/ppp/peers files so that they use the correct pppd parameter names for MPPE support.
  
The option names previously used in the PPTP client project came from the unofficial PPP with MPPE patches. Since then, the PPP project team has chosen its own names to make them consistent with other pppd options.
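
For the upgrade step described above, the following added example (not part of the original article) finds the three PPP-MPPE 2.4.0 option names from the comparison in tunnel files and rewrites them to the PPP 2.4.2 names listed opposite them. The function names and the constructed sample file are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original article: locate and rewrite the
# PPP-MPPE 2.4.0 option names listed above to their PPP 2.4.2+ names.

# Print FILE with legacy option names replaced. Comment lines are untouched
# because only an option at the start of a line (after blanks) is matched.
migrate_mppe_opts() {
    sed -E \
        -e 's/^([[:space:]]*)\+mppe-128([[:space:]]|$)/\1require-mppe-128\2/' \
        -e 's/^([[:space:]]*)mppe-stateless([[:space:]]|$)/\1nomppe-stateful\2/' \
        -e 's/^([[:space:]]*)require-chapms-v2([[:space:]]|$)/\1require-mschap-v2\2/' \
        "$1"
}

# Print "file:line:text" for every legacy option still present in FILEs and
# return 1 if any was found, so the check can gate a pppd upgrade.
# /dev/null is appended so grep always prints the file name.
find_legacy_mppe_opts() {
    if grep -En '^[[:space:]]*(\+mppe-128|mppe-stateless|require-chapms-v2)([[:space:]]|$)' "$@" /dev/null; then
        return 1
    fi
    return 0
}

# Demo on a constructed sample of an old tunnel file.
demo_file=$(mktemp)
cat > "$demo_file" <<'EOF'
# constructed sample: options written for PPP-MPPE 2.4.0
lock
require-chapms-v2
+mppe-128
mppe-stateless
EOF
find_legacy_mppe_opts "$demo_file" || echo "legacy options found; migrated file:"
migrate_mppe_opts "$demo_file"
rm -f "$demo_file"
```
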