
Guide to Configuring a PPTP VPN Server on CentOS


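I. Installing from RPM packages

1. Preparation

root@CentOS /root # vim /etc/sysctl.conf
net.ipv4.ip_forward = 1 // change 0 to 1 to enable IP forwarding

root@CentOS /root # /sbin/sysctl -p // apply the change immediately

root@CentOS /root # modprobe ppp-compress-18 && echo ok
ok // confirms the MPPE patch is installed; if you see ok, continue to the next step

root@CentOS /root # strings '/usr/sbin/pppd' | grep -i mppe | wc --lines
42 // checks whether pppd supports MPPE; an output of 30 or more means it does

If any of the checks above fails, download the following packages and install or upgrade them: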
http://poptop.sourceforge.net/yum/stable/rhel5/i386/dkms-2.0.17.5-1.noarch.rpm
ftp://ftp.ntua.gr/pub/net/poptop/mppe%20module%20builder/kernel_ppp_mppe-1.0.2%20dkms-2.0.6/kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm
http://poptop.sourceforge.net/yum/stable/rhel5/i386/ppp-2.4.4-14.1.rhel5.i386.rpm

Official site:

http://poptop.sourceforge.net/
http://poptop.sourceforge.net/yum/
http://poptop.sourceforge.net/yum/stable/rhel5/i386/pptpd-1.3.4-2.rhel5.i386.rpm

root@CentOS /root # wget http://poptop.sourceforge.net/yum/stable/rhel5/i386/pptpd-1.3.4-2.rhel5.i386.rpm
root@CentOS /root # rpm -ivh pptpd-1.3.4-2.rhel5.i386.rpm
root@CentOS /root # rpm -ql pptpd
/etc/ppp/options.pptpd                 // options file
/etc/pptpd.conf                        // main configuration file
/etc/rc.d/init.d/pptpd
/usr/bin/vpnstats.pl
/usr/bin/vpnuser
/usr/lib/pptpd/pptpd-logwtmp.so
/usr/sbin/bcrelay
/usr/sbin/pptp-portslave
/usr/sbin/pptpctrl
/usr/sbin/pptpd                        // main program
/usr/share/doc/pptpd-1.3.4
/usr/share/doc/pptpd-1.3.4/AUTHORS
/usr/share/doc/pptpd-1.3.4/COPYING
/usr/share/doc/pptpd-1.3.4/ChangeLog
/usr/share/doc/pptpd-1.3.4/INSTALL
/usr/share/doc/pptpd-1.3.4/README
/usr/share/doc/pptpd-1.3.4/README.bcrelay
/usr/share/doc/pptpd-1.3.4/README.cvs
/usr/share/doc/pptpd-1.3.4/README.inetd
/usr/share/doc/pptpd-1.3.4/README.logwtmp
/usr/share/doc/pptpd-1.3.4/README.portslave
/usr/share/doc/pptpd-1.3.4/README.slirp
/usr/share/doc/pptpd-1.3.4/TODO
/usr/share/doc/pptpd-1.3.4/samples
/usr/share/doc/pptpd-1.3.4/samples/chap-secrets
/usr/share/doc/pptpd-1.3.4/samples/options.pptpd
/usr/share/doc/pptpd-1.3.4/samples/pptpd.conf
/usr/share/man/man5/pptpd.conf.5.gz
/usr/share/man/man8/pptpctrl.8.gz
/usr/share/man/man8/pptpd.8.gz

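2. Configuration

(1) Main configuration file

root@CentOS /root # grep -v '#' /etc/pptpd.conf | grep -v '^$'

option /etc/ppp/options.pptpd          // path to the options file
logwtmp
localip 192.168.10.155                 // specifies the listening IP address
remoteip 10.10.8.1-100                 // range of IP addresses assigned to clients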

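(2) Options file

root@CentOS /root # grep -v '#' /etc/ppp/options.pptpd | grep -v '^$'

name pptpd                             // name of the PPTP server
refuse-pap                             // refuse PAP authentication
refuse-chap                            // refuse CHAP authentication
refuse-mschap                          // refuse MS-CHAP authentication
require-mschap-v2                      // require MS-CHAP v2 authentication
require-mppe-128                       // require 128-bit encryption
ms-dns 202.96.128.166                  // first DNS server handed to clients
ms-dns 8.8.8.8                         // second DNS server handed to clients
proxyarp                               // enable proxy ARP
debug                                  // enable debug mode; output goes to /var/log/messages by default, which helps troubleshooting
lock                                   // lock the client PTY device file
nobsdcomp                              // disable BSD compression
novj
novjccomp                              // disable Van Jacobson compression
nologfd                                // do not log error messages to standard error (stderr)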

(3) Username and password file (pppd is invoked to perform authentication)

root@CentOS /root # cat /etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client        server     secret               IP addresses

yuanliang         *        yuanliang               *

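// The first * means the server name is picked up automatically; if you set it explicitly, use the name configured in the options file.
// The second * means the server assigns an IP address at random; you can also pin a user to a specific IP address.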
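
A check that the options file and chap-secrets enforce what this section configures, written as an added example (it is not part of the original article or of the pptpd package). The function names, the 12-character threshold and the sample files built in a temporary directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the authentication settings this section configures.

# audit_options FILE: print every directive from the article's set that is
# absent from an options.pptpd-style file; return 1 if any is missing.
audit_options() {
    missing=0
    for d in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        # The directive must be the first word of a line, so a commented-out
        # entry or a longer name (refuse-mschap-v2) does not count.
        if ! grep -Eq "^[[:space:]]*$d([[:space:]]|\$)" "$1"; then
            echo "MISSING $d"
            missing=1
        fi
    done
    return "$missing"
}

# audit_secrets FILE: flag chap-secrets entries whose secret equals the client
# name or is shorter than 12 characters (the threshold is an assumption).
# Quoted secrets containing spaces are not handled.
audit_secrets() {
    awk '
        /^[[:space:]]*(#|$)/ { next }   # skip comments and blank lines
        $3 == $1        { print "WEAK " $1 ": secret equals client name"; bad = 1; next }
        length($3) < 12 { print "WEAK " $1 ": secret shorter than 12 characters"; bad = 1 }
        END             { exit bad }
    ' "$1"
}

# audit_perms FILE: secrets are stored in clear text, so group and other
# must have no access at all.
audit_perms() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ] || { echo "PERMS $1 is accessible beyond its owner"; return 1; }
}

# Constructed sample files (refuse-mschap deliberately left out).
tmp=$(mktemp -d)
printf '%s\n' 'name pptpd' 'refuse-pap' 'refuse-chap' 'require-mschap-v2' 'require-mppe-128' > "$tmp/options.pptpd"
printf '%s\n' '# client server secret IP addresses' 'yuanliang * yuanliang *' > "$tmp/chap-secrets"
chmod 644 "$tmp/chap-secrets"
audit_options "$tmp/options.pptpd" || echo "options.pptpd: fix the directives above"
audit_secrets "$tmp/chap-secrets"  || echo "chap-secrets: replace the weak secrets above"
audit_perms   "$tmp/chap-secrets"  || echo "chap-secrets: run chmod 600"
```

On a real server, point the three functions at /etc/ppp/options.pptpd and /etc/ppp/chap-secrets instead of the sample files.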

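(4) Sending pptpd debug logs to a separate file

root@CentOS /root # vim /etc/syslog.conf

daemon.debug /var/log/pptpd.log            // append this line to the end of the file

root@CentOS /root # service syslog restart // restart the logging service

root@CentOS /root # tail -f /var/log/pptpd.log // the following debug output is logged when a client dials in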

Aug 22 12:26:01 CentOS pptpd[25149]: MGR: Manager process started
Aug 22 12:26:01 CentOS pptpd[25149]: MGR: Maximum of 100 connections available
Aug 22 12:29:30 CentOS pptpd[25160]: MGR: Launching /usr/local/pptpVPN/sbin/pptpctrl to handle client
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: local address = 192.168.10.155
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: remote address = 10.10.8.1
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: pppd options file = /usr/local/pptpVPN/etc/options.pptpd
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Client 10.1.1.2 control connection started
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Received PPTP Control Message (type: 1)
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Made a START CTRL CONN RPLY packet
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: I wrote 156 bytes to the client.
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Sent packet to client
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Received PPTP Control Message (type: 7)
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Made a OUT CALL RPLY packet
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Starting call (launching pppd, opening GRE)
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: pty_fd = 6
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: tty_fd = 7
Aug 22 12:29:30 CentOS pptpd[25161]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Aug 22 12:29:30 CentOS pptpd[25161]: CTRL (PPPD Launcher): local address = 192.168.10.155
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: I wrote 32 bytes to the client.
Aug 22 12:29:30 CentOS pptpd[25161]: CTRL (PPPD Launcher): remote address = 10.10.8.1
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Sent packet to client
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Received PPTP Control Message (type: 15)
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Aug 22 12:29:30 CentOS pppd[25161]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Aug 22 12:29:30 CentOS pppd[25161]: pppd 2.4.4 started by root, uid 0
Aug 22 12:29:30 CentOS pppd[25161]: Using interface ppp0
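
Once the debug log is in its own file, it can be reduced to one line per control connection and checked for clients that reconnect repeatedly. The script below is an added example, not part of the original article; the function names and the embedded log lines (constructed in the format shown above) are assumptions.

```shell
#!/bin/sh
# Added example: summarize pptpd control connections from the debug log.

# summarize_pptpd_log [FILE...]: one line per control connection, pairing the
# client's source IP with the tunnel address handed out by the same pptpctrl PID.
summarize_pptpd_log() {
    awk '
        $5 ~ /^pptpd\[[0-9]+\]:$/ && $6 == "CTRL:" {
            pid = $5; gsub(/[^0-9]/, "", pid)
            if ($7 == "remote" && $8 == "address") assigned[pid] = $10
            if ($7 == "Client" && $9 == "control" && $11 == "started")
                printf "%s %s %s client=%s assigned=%s pid=%s\n", $1, $2, $3, $8, assigned[pid], pid
        }
    ' "$@"
}

# clients_over N: read summary lines on stdin and print each source IP that
# opened more than N control connections, with its count.
clients_over() {
    awk -v n="$1" '
        { sub(/^client=/, "", $4); count[$4]++ }
        END { for (ip in count) if (count[ip] > n) print ip, count[ip] }
    '
}

# Constructed sample lines in the format of the log shown above.
sample_log() {
    cat <<'EOF'
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: remote address = 10.10.8.1
Aug 22 12:29:30 CentOS pptpd[25160]: CTRL: Client 10.1.1.2 control connection started
Aug 22 12:29:30 CentOS pptpd[25161]: CTRL (PPPD Launcher): remote address = 10.10.8.1
Aug 22 12:31:02 CentOS pptpd[25170]: CTRL: remote address = 10.10.8.2
Aug 22 12:31:02 CentOS pptpd[25170]: CTRL: Client 10.1.1.9 control connection started
Aug 22 12:33:47 CentOS pptpd[25181]: CTRL: remote address = 10.10.8.1
Aug 22 12:33:47 CentOS pptpd[25181]: CTRL: Client 10.1.1.2 control connection started
EOF
}

sample_log | summarize_pptpd_log
sample_log | summarize_pptpd_log | clients_over 1
```

Against the live file, run `summarize_pptpd_log /var/log/pptpd.log | clients_over N` with a threshold that suits the number of legitimate users.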

