This article describes how to configure packet filter support for PPTP VPN clients.
The Windows Server 2003 Routing and Remote Access service supports virtual private networks (VPNs). VPN clients can use Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol (L2TP), and IP Security (IPsec) to create
I believe many readers have heard of PPTP VPN. Today I would like to walk through installing PPTP on CentOS 6.4 and configuring a VPN client connection from the Debian GNOME desktop. I hope the following will help you.
The following is based on the Linode VPS Centos
entries
# Secrets for authentication using CHAP
# client server secret IP addresses
Vpnusername pptpd Vpnpassword *
Vpnusername is your VPN account and Vpnpassword is your VPN login password; you will use this account and password when configuring the client.
3. Configure PPTP
This article describes in detail how to install a VPN client on CentOS (note that it is not a VPN server).
1. Install software
[root@webserver ~]# yum install ppp pptp-setup
2. Register the ppp_mppe kernel module
[root@webserver ~]# modprobe ppp_mppe
3. Create a VPN connecti
Objective:
Build a Linux gateway (transparent proxy) with a single network card. The gateway dials in to an overseas VPN server and the clients set it as their gateway, so their network exit is the overseas VPN server, which accelerates access to some websites.
Environment:
Hardware: one Dell machine, single NIC (IP: 10.39.100.253);
Machine Name: VPNGW
Operating s
To install the PPTP client and MPPE encryption module:
opkg update
opkg install pptp
opkg install kmod-mppe
Add the account name and password to the config file:
cat /etc/ppp/chap-secrets
#USERNAME PROVIDER PASSWORD IPADDRESS
haiyun.me VPN "h
VPN client (PPTP) configuration under Linux
Linux: Kernel kernel-2.6.9-42.EL
You can go to the site: http://pptpclient.sourceforge.net/
Required software:
kernel-devel-2.6.9-42.EL (included with the system)
dkms-2.0.10-2.fc5.noarch.rpm
kernel_ppp_mppe-0.0.5-2dkms.noarch.rpm
The above three files are usually installed when you set up the Linux VPN server. You can run the # rpm -q command to check for them.
(Example: # rpm -q dkms)
1. Add an extended repo file to the /etc/yum.repos.d directory. The content is as follows:
[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
baseurl=http://download.fe
Continuing from the previous section:
What is PPTP?
The following is Microsoft's official explanation (from the first draft submitted by Microsoft):
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (
/PPP/options. Find the "ms-dns" entries in it:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
# Allow forwarding: edit /etc/sysctl.conf and check whether the net.ipv4.ip_forward parameter is 1, or run the following command to view it directly
sysctl net.ipv4.ip_forward
# If the output is 0, change net.ipv4.ip_forward in /etc/sysctl.conf from 0 to 1, and then run the following command.
sysctl -p
# Finally, run this command to enable iptables forwarding support:
/sbin/iptables -t nat -A POSTROUTING -s 1
office network, such as the company's OA system; operations personnel dial in remotely to the IDC machine room to maintain servers.
(2) VPN service between enterprise intranets: connecting a branch office LAN to the head office LAN, for example for business settlement between major supermarkets.
(3) VPN service between an Internet company's multiple IDC rooms, between dif
PPTP settings and local VPN (and solving the problem that SSH cannot access the remote host under the VPN)
1. Install pptp
sudo apt-get install -y ppp pptpd
sudo vim /etc/pptpd.conf
Modification:
option /etc/ppp/pptpd-options
localip 172.31.26.19 (local VPN address)
remoteip 172.31.26.20-200 (
of technology, together with a number of like-minded friends, renting a not too high-end VPS and building the server ourselves should still cost less than buying a domain name, web hosting and a VPN at the same time. This is the first month; we will get familiar with the technology, do a variety of tests, learn more and post some technical articles for the reference of friends with the same idea.
Body
After swimming in misery on Google for two days and nights, finally
OA system; remotely dial in to the IDC room and remotely maintain the servers.
2) VPN service between the intranets of the company's branches and the LAN of the company's headquarters, for example business settlement among major supermarkets.
3) VPN between an Internet company's multiple IDCs, serving business management, business access and data flow between different IDCs.
4) external
are encrypted with IPsec. An Internet-based PPTP server is a VPN server that uses the PPTP protocol, with one interface on the Internet and another interface on an intranet.
PPTP connection process and tunnel maintenance
The PPTP control connection is established bet
, pay attention to the network conditions between the two ends of the encrypted tunnel. If there is high latency or a large amount of packet loss, select TCP as the underlying protocol: because UDP has no connection or retransmission mechanism, it is inefficient in that case, since retransmission has to be done by the upper-layer protocol. OpenVPN is a pure application-layer VPN protocol based on SSL encryption. It is a type of SSL
shortcuts in ranges! ie. 234-8 does not mean 234 to 238,
# you must type 234-238 if you mean this.
#
# 4. If you give a single localIP, that's ok - all local IPs will
# be set to the given one. You MUST still give at least one remote
# IP for each simultaneous client.
#
# (Recommended)
#localip 192.168.0.1
#remoteip 192.168.0.234-238,192.168.0.245
# or
#localip 192.168.0.234-238,192.168.0.245
#remoteip 192.168.1.234-238,192.168.1.245
localip 10.192.168.1
R
is as follows:
iptables -t nat -A POSTROUTING -s 192.168.85.0/24 -j SNAT --to 192.168.0.105
(192.168.85.0/24 is the PPTP client IP range; 192.168.0.105 is the public network IP that traffic is sent out from.)
We then enter the following command to have iptables save our forwarding rules, so that we do not need to add them again after restarting the system:
The code is as follows:
# /etc/init.d/iptables save
Then we restart iptables:
The code is as follows:
# /etc/init.d/ipt