Objective:
Build a single-NIC Linux gateway (transparent proxy). The gateway dials into an overseas VPN server, and clients set this machine as their gateway, so their traffic exits through the overseas VPN server, which speeds up access to some websites.
Environmental information:
Hardware: One Dell Machine, single NIC (ip:10.39.100.253);
Machine Name: VPNGW
Operating system: CentOS 6.0 Kernel Linux 2.6.32-71.el6.
Debian uses pptp as the VPN server. The following is a detailed description.
1. Since my system version is linux-image-2.6.18-6-686 > Linux kernel 2.6.15-rc1, there is no need to manually install mppe and dkms
2. Install the pptpd service: apt-get install pptpd
3. Edit the /etc/pptpd.conf file.
Debian:~# cat /etc/pptpd.conf | grep -v "#"
Ppp
1. Before starting, we need to make sure that we have a VPN account; users who do not have one can apply for one themselves. Next, on the WinXP computer, click "Start" → "Settings" → "Control Panel". In the window that opens, double-click the "Network Connection" icon, and then select "Create a new connection" in the "Network Connection" menu bar on the left.
2. In the "Network connection type" Here we need to select "Connect to my Workplace network", "Network connection" her
To install the PPTP client and MPPE encryption module:
The code is as follows
opkg update
opkg install pptp
opkg install kmod-mppe
Add account number and password to config file:
The code is as follows
cat /etc/ppp/chap-secrets
#USERNAME PROVIDER PASSWORD IPAddress
Haiyun.me VPN "haiyun.me" *
New dial-up configurati
/ubuntu/ karmic main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ karmic-security main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ karmic-updates main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ karmic-proposed main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ karmic-backports main restricted universe multiverse
Please refer to the following link for m
Step 2: Open the [Settings] function on your Android phone and tap [Wireless and network]
Step 2: Select [Virtual private network settings]
Step 2: Select [Add a virtual private network]
Step 2: Select [Add VPN "PPTP"]
Step 2: Select [Virtual Private Network Name]
Step 2: Set the virtual private network name, for example suvpn (can be customized), then click [OK]
Step 2: Set the VPC server address: Wangkangle.co
Many may not be familiar with the PPTP configuration in Linux. Below I have written a simple shell script, which can be saved as pptp.sh and executed directly.
1. Script:
yum remove -y pptpd ppp
iptables --flush POSTROUTING --table nat
iptables --flush FORWARD
rm -rf /etc/pptpd.conf
rm -rf /etc/ppp
yum -y install make libpcap iptables gcc-c++ logrotate tar cpio perl pam tcp_wrappers
yum -y dkms-2.0.17.5-1.noarch.r
Click "VPN connection" on the NIC to configure the VPN.
Click Add, select "Point-to-Point Tunneling Protocol (PPTP)", and create the connection:
Connection name: anything
Automatic connection: selected
Gateway: VPN server domain name or IP address
User name: user name
Password: password
NT domain: leave blank
Note: Do not select "available for all users". Otherwise, the connection fails.
Then click
Step 2: Click the Apple icon in the upper left corner and select [System preference settings ...]
Step 2: Click [Network]
Step 2: Click [+], select [VPN] as the interface, select [PPTP] as the VPN type, leave the service name at its default (customizable), and then click [Create]
Step 2: Set [Server address: Wangkangle.com], [Account Name (Account sent to your mailbox)], and then click [Auth
VPN stands for "Virtual Private Network". A VPN connects over the Internet through a special encrypted communication protocol and establishes a dedicated communication line between two or more intranets located in different places. It provides firewall functions, authentication, encryption, tunneling, and other functions.
[Installation]
The one-c
1. Add an extended repo file to the /etc/yum.repo directory. The content is as follows:
[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
baseurl=http://download.fe
Logging the user name of Linux PPTP VPN logins. Most pptpd logs are stored in files such as /var/log/messages and /var/log/daemon. However, after careful reading, the user name is not found in the logs, so I don't know which account the user used to log on. So I looked at the pppd man page and found some environment variables, such as IPLOCAL and IPREMOTE. After testing, I found that PEERNAME is the user name, in this
VPN PPTP configuration
Install
yum install pptpd
Configure pptpd by modifying the /etc/pptpd.conf settings:
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
Choose a network segment that does not conflict with the local network.
Modify /etc/ppp/chap-secrets to configure user name permissions:
# Secrets for authentication using CHAP
# client server secret IP addresses
aca * jj1 password
[Optional] Mod
I have been studying CCNP Security Firewall v1.0 recently. Now the research is complete! It is found that Cisco ASA 8.4 has changed a lot. It is more and more like the checkpoint firewall. The global access control list, whether it is NAT or recently, is exactly the same as that of the cp firewall. After the Firewall v1.0 study is completed, the next research goal is VPN v1.0, which mainly introduces VPN on
I. Overview:
Both the headquarters and the branch run PIX 8.0, and each has two lines, such as a telecom line and a mobile line. The telecom line should carry each site's own Internet traffic and the mobile line should carry the VPN traffic, but if either the telecom line or the mobile line fails, neither Internet access nor the VPN connection may be interrupted.
II. Basic ideas:
A. Set two default gatewa
I. Overview:
Test site-to-site VPN on a transparent firewall and what it is used for, and use DHCP and OSPF to verify how policies should be configured on the transparent firewall.
II. Basic ideas:
A. The VPN on a transparent firewall is only for managing the firewall, nothing more.
B. ARP can automatically pass through the transparent firewall, so the
A. Test topology:
Reference Link: http://blog.sina.com.cn/s/blog_52ddfea30100gf4r.html
http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_vpn_ac_802_1x.html
II. Basic ideas:
A. The branch office configures a site-to-site VPN with headquarters and enables the DHCP server and dot1x authentication
B. DHCP assigns a different address pool based on whether or not to pass DOT1X authenticatio