Share my knowledge, feel my life. Eric Shan' Blog myBloggie 2.1.6 © 2005   
07 Oct 2014 11:56:58 am
CentOS VPN setup
1. Enable TUN/TAP and enable PPP

2. Install the required packages

32-bit:
# yum install -y ppp libpcap iptables
# wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.i386.rpm
# rpm -ivh pptpd-1.3.4-2.rhel5.i386.rpm
64-bit:
# yum install -y ppp libpcap iptables
# wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.x86_64.rpm
# rpm -ivh pptpd-1.3.4-2.rhel5.x86_64.rpm

If the PPP version does not match, browse http://poptop.sourceforge.net/yum/stable/rhel5Server/ and pick a suitable version. The same directory usually also contains a ppp package, e.g. ppp-2.4.4-14.1.rhel5.x86_64.rpm


3. Write the configuration files
①. Configuration file /etc/ppp/options.pptpd
# mv /etc/ppp/options.pptpd /etc/ppp/options.pptpd.bak
# vim /etc/ppp/options.pptpd
Enter the following:

name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
idle 2592000
ms-dns 8.8.8.8
ms-dns 8.8.4.4
# For the DNS servers here, you can look up the DNS addresses that the server itself uses.

②. Configuration file /etc/ppp/chap-secrets
# mv /etc/ppp/chap-secrets /etc/ppp/chap-secrets.bak
# vim /etc/ppp/chap-secrets
Enter the following:

# Secrets for authentication using CHAP
# client server secret IP addresses
myusername pptpd mypassword *

Note: myusername and mypassword here are the login username and password for the PPTP VPN; change them to your own.

③. Configuration file /etc/pptpd.conf
# mv /etc/pptpd.conf /etc/pptpd.conf.bak
# vim /etc/pptpd.conf
Enter the following:

option /etc/ppp/options.pptpd
logwtmp
localip 192.168.80.1
remoteip 192.168.80.11-30

Note: users dialing in to the VPN are dynamically assigned an IP between 192.168.80.11 and 192.168.80.30.

④. Configuration file /etc/sysctl.conf
# vim /etc/sysctl.conf
Change the following:
net.ipv4.ip_forward = 1
After saving and exiting, run:
sysctl -p


3. Start the PPTP VPN server:

(# /etc/init.d/pptpd start)

service iptables start
# restart the firewall
service iptables restart
# stop the firewall
service iptables stop

4. Set the iptables rules and restart. If the iptables file does not exist, run:

/sbin/service iptables save

Edit the iptables file:
# vim /etc/sysconfig/iptables
At the end of the file, before COMMIT, add the following rules:

-A POSTROUTING -s 192.168.80.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -o venet0 -j MASQUERADE

5. Finally, configure the Windows PPTP VPN client
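
An added example, not part of the original post: a small audit for the files written in step 3. It checks that options.pptpd still carries the authentication and MPPE directives listed above, and that chap-secrets is not readable by other users or left with the placeholder credentials. The function names, the mode-600 expectation and the sample files are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit the files written in step 3.
# Assumes GNU stat (coreutils), as shipped with CentOS.

# Directives from the post's options.pptpd that limit authentication to
# MS-CHAPv2 and require 128-bit MPPE.
REQUIRED="refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128"

# Print every required directive that is absent or commented out in file $1.
missing_options() {
    local opt
    for opt in $REQUIRED; do
        grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$1" || echo "$opt"
    done
}

# Print findings for chap-secrets file $1: permissions other than 600 (the
# file holds passwords in clear text) and the post's placeholder credentials.
chap_secrets_findings() {
    local mode
    mode=$(stat -c '%a' "$1")
    [ "$mode" = "600" ] || echo "mode $mode, expected 600"
    awk '$1 !~ /^#/ && NF >= 3 && ($1 == "myusername" || $3 == "mypassword") {
        print "placeholder credentials on line " NR
    }' "$1"
}

# Constructed sample files (hypothetical content) to show the output format.
demo() {
    local dir
    dir=$(mktemp -d)
    printf '%s\n' 'name pptpd' 'refuse-pap' '#refuse-chap' 'require-mschap-v2' \
        > "$dir/options.pptpd"
    printf '%s\n' '# client server secret IP addresses' \
        'myusername pptpd mypassword *' > "$dir/chap-secrets"
    chmod 644 "$dir/chap-secrets"
    echo "options.pptpd is missing:"; missing_options "$dir/options.pptpd"
    echo "chap-secrets findings:";    chap_secrets_findings "$dir/chap-secrets"
    rm -rf "$dir"
}

# On the server: missing_options /etc/ppp/options.pptpd
#                chap_secrets_findings /etc/ppp/chap-secrets
demo
```
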

References:
http://www.ha97.com/4722.html
FW configurations: http://www.cyberciti.biz/faq/rhel-fedorta-linux-iptables-firewall-configuration-tutorial/
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-sysconfig-iptables.html
Category : Unix&Linux | Posted By : Eric Shan | Comments [0] | Trackbacks [0]