本文詳細介紹在CentOS裡安裝VPN的用戶端(注意,不是搭建VPN伺服器)
1.安裝軟體
[root@webserver ~]# yum install ppp pptp pptp-setup
2.註冊ppp_mppe kernel module
[root@webserver ~]# modprobe ppp_mppe
3.建立VPN串連
自訂串連名:vpn
PPTP Server:123.456.78.90
使用者名稱:sun
密碼:123456
[root@webserver ~]# pptpsetup --create vpn --server 123.456.78.90 --username sun --password 123456
4.配置VPN開啟關閉指令碼
[root@webserver ~]# cp /usr/share/doc/ppp-2.4.5/scripts/pon /usr/sbin/
[root@webserver ~]# cp /usr/share/doc/ppp-2.4.5/scripts/poff /usr/sbin/
[root@webserver ~]# chmod +x /usr/sbin/pon
[root@webserver ~]# chmod +x /usr/sbin/poff
5.開啟VPN串連
[root@webserver ~]# pon vpn
6.驗證串連是否成功
[root@webserver ~]# ip a | grep ppp
如果上面命令沒有任何返回,則說明串連失敗了,可以查看/var/log/message檔案查詢錯誤原因
[root@webserver ~]# tailf /var/log/messages
(1)服務端不支援MPPE
若報錯資訊為:
[root@webserver ~]# MPPE required but peer negotiation failed
說明服務端不支援MPPE加密,pptpsetup時不需要使用—encrypt選項。可以修改/etc/ppp/peers/vpn檔案,注釋掉
[root@webserver ~]# #require-mppe-128
(2)用戶端不支援MPPE
若報錯資訊為:
[root@webserver ~]# LCP terminated by peer (MPPE required but peer refused)
說明服務端要求MPPE加密,但是用戶端不支援,pptpsetup時漏掉了–encrypt選項。修改/etc/ppp/peers/vpn檔案添加一行
[root@webserver ~]# require-mppe-128
然後重啟VPN串連
[root@webserver ~]# poff vpn
[root@webserver ~]# pon vpn
7.配置預設路由,讓全部流量都通過VPN
串連成功後,查看路由
[root@webserver ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
123.456.78.90 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.0.0 U 1 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
會發現多了一個虛擬網口ppp0,然後再添加一個預設路由
[root@webserver ~]# route add -net 0.0.0.0 dev ppp0
重啟VPN
8.測試
可以ping通Google,成功!
[root@webserver ~]# ping www.google.com -c 3
PING www.google.com (216.58.221.132) 56(84) bytes of data.
64 bytes from hkg07s02-in-f4.1e100.net (216.58.221.132): icmp_seq=1 ttl=54 time=155 ms
64 bytes from hkg07s02-in-f4.1e100.net (216.58.221.132): icmp_seq=2 ttl=54 time=164 ms
64 bytes from hkg07s02-in-f4.1e100.net (216.58.221.132): icmp_seq=3 ttl=54 time=174 ms
--- www.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2177ms
rtt min/avg/max/mdev = 155.234/164.742/174.020/7.671 ms
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
