linux下拔号pptp

参考:
VPN setup in Ubuntu – General introductio
http://docs.ucloud.cn/software/vpn/PPTP4CentOS.html
linux下拔号(pptp)
安装:
yum -y install ppp pptp


配置:
1、更改拨号用户信息文件
cd  /etc/ppp
vim  chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
hello   foo  test123  *

共有4个栏位,
VPN用户  VPN标识     VPN密码  IP
 
#foo为VPN标识,区分不同的VPN连接。
 
2、创建拨号配置文件foo(上述的VPN标识)
cd  /etc/ppp/peers
vim  foo

增加如下内容:
 
pty "pptp 10.161.185.155  --nolaunchpppd"
noauth
refuse-eap
require-mppe-128 
name hello
remotename foo
file /etc/ppp/options.pptp


参看:ubuntu wiki模板
 
pty "pptp YOUR_VPN_GATEWAY --nolaunchpppd"


debug


nodetach


logfd 2


noproxyarp


ipparam YOUR_COMPANY


remotename YOUR_COMPANY


name YOUR_DOMAIN_OR_SERVER_NAME\\YOUR_VPN_LOGIN


require-mppe-128


nobsdcomp


nodeflate


lock


noauth


refuse-eap


refuse-chap


refuse-mschap

 
#其中 10.161.185.155  为VPN服务器IP
#name字段后跟的是/etc/ppp/chap-secrets中的VPN账户名
#remotename为VPN标识,其他保持默认
还要更改options,不然老掉线
cat >/etc/ppp/options <<HERE
require-mppe
require-mppe-128
mppe-stateful
HERE


3、启动VPN客户端
root执行如下命令
pppd call foo
 
4、检查拨号结果,稍等10秒左右后,执行
如下命令检查:
[root@iZ23z4ezspcZ ppp]# ps -ef|grep pppd
root     13829     0 15:23 ?        00:00:00 pppd call lianyou
root     13830 13829  0 15:23 ?        00:00:00 pptp 10.162.40.230 --nolaunchpppd
root     13835     0 15:23 ?        00:00:00 pptp 10.162.40.230 --nolaunchpppd
root     14435 13256  0 15:38 pts/0    00:00:00 grep pppd

 
5、查看的vpn客户端IP
[root@iZ23z4ezspcZ ppp]# ifconfig ppp0
ppp0      Link encap:Point-to-Point Protocol 
          inet addr:192.168.10.102  P-t-P:192.168.10.100  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1396  Metric:1
          RX packets:35 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:1934 (1.8 KiB)  TX bytes:80 (80.0 b)

6. 添加路由
在处理路由的时候采用client to lan方式,需要增加对方lan的路由或者目标网络的路由.
route add -net 192.168.10.0 netmask 255.255.255.0 dev ppp0   #vpn 成功拔入后, client之间互通,如果不加则只能与vpn网官192.168.10.1互通

route del default gw 172.25.254.0 #删除系统定义的默认网关路由

route add default gw 192.168.10.1 #增加到vpn服务器的网关路由, vpn client访问外网,如果不加则不能访问外网





脚本1:ppp pptp自动安装配置
#################################################################
#!/bin/bash
#To install ppp pptp from yum automaticlly on CentOS
#Made by LiuJun, liujun_live@msn.com ,  2014-10-11
#################################################################

#Source function library.
. /etc/init.d/functions

#Export PATH
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

####################
#安装拔号软件ppp pptp
####################
echo "-----------------------------------------"
echo -e "\e[35;1mInstall ppp pptp\e[0m"
echo "-----------------------------------------"
sleep 1
Packages="ppp pptp"
for i in $Packages
do
    Flag=$(rpm -qa|grep $i)
    if [  "$Flag" == "" ];then
        yum -y install $i 2>/dev/null
        else
            echo -e "\e[31;1m$i\e[0m is \e[32;1minstalled\e[0m"
    fi
done

echo ""
echo ""
echo ""

####################
#配置拔号
####################
#后期维护,只需修改如下对应变量即可
Vpn_server=10.x.x.x
Vpn_user=test
Vpn_password=xxxxx
Vpn_flag=vpn

echo "-----------------------------------------"
echo -e "\e[35;1mConfiguring vpn\e[0m"
echo "-----------------------------------------"
sleep 1
echo "$Vpn_user $Vpn_flag $Vpn_password *" >/etc/ppp/chap-secrets
echo -e "Adding \e[31;1m$Vpn_flag\e[0m to /etc/ppp/chap-secrets"
sleep 1

cat >/etc/ppp/peers/$Vpn_flag <<HERE
pty "pptp $Vpn_server --nolaunchpppd"
noauth
refuse-eap
require-mppe-128
name $Vpn_user
remotename $Vpn_flag
file /etc/ppp/options.pptp
HERE
echo -e "Adding auth_info to \e[31;1m$Vpn_server\e[0m to /etc/ppp/peers/\e[31;1m$Vpn_flag\e[0m"
echo ""
echo -e "Configuration \e[32;1msuccessfully!\e[0m"


脚本2:ppp拔号后台监控及自动重拔(通过ping VPN网关)
#################################################################
#!/bin/bash
#To dail up VPN automaticlly on CentOS
#Made by LiuJun, liujun_live@msn.com ,  2014-10-14
#################################################################

#Source function library.
. /etc/init.d/functions

#Export PATH
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

####################
#配置拔号名称
####################
#后期维护,只需修改如下对应变量即可
Vpn_flag=vpn
Vpn_gateway=192.168.10.1
Aliyun_gateway=$(route -ne|grep -w UG|awk '{print $2}'|uniq -d)

####################
#定义相关函数
####################
pppd_start(){
killall pppd &>/dev/null
pppd call $Vpn_flag
}

pppd_route(){
route del default gw $Aliyun_gateway &>/dev/null
route add default gw $Vpn_gateway &>/dev/null
}

pppd_check(){
Flag=$(ping -c1 -i.3 -W1 $Vpn_gateway|grep loss|awk -F, '{print $3}'|awk -F% '{print $1}')
if [ "$Flag" -eq "0" ];then
    echo -e "\e[31;1m$Vpn_flag\e[0m is \e[32;1mup!\e[0m"
    else
        echo -e "Connecting \e[31;1m$Vpn_flag\e[0m ..."
        pppd_start
        sleep 5
        if [ "$Flag" -eq "0" ];then
            pppd_route
            else
                echo "... ..."
                echo -e "Connecting \e[31;1m$Vpn_flag\e[0m ..."
                sleep 5
                pppd_route
        fi
       
fi
}


####################
#函数调用
####################
while true
do
    pppd_check
    sleep 1
done

脚本3:ppp拔号后台监控及自动重拔(通过ppp0接口的存在状态)
#################################################################
#!/bin/bash
#To dail up VPN automaticlly on CentOS
#Made by LiuJun, liujun_live@msn.com ,  2014-10-14
#################################################################

#Source function library.
. /etc/init.d/functions

#Export PATH
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

####################
#配置拔号名称
####################
#后期维护,只需修改如下对应变量即可
export vpn_flag=vpn
export vpn_gateway=192.168.10.1
export aliyun_gateway=$(route -ne|grep -w UG|awk '{print $2}'|uniq -d)

####################
#定义相关函数
####################
pppd_start(){
killall pppd &>/dev/null
killall pppd &>/dev/null
pppd call $vpn_flag
}

pppd_route(){
route_flag=$(route -ne|awk '{print $2}'|grep $vpn_gateway)
if [ "$route_flag" != "$vpn_gateway" ];then
    route del default gw $aliyun_gateway &>/dev/null
    route add default gw $vpn_gateway &>/dev/null
fi
}

pppd_check(){
flag=$(ifconfig|grep ppp0)
ipaddr_ppp0=$(ifconfig ppp0 2>/dev/null|grep 'inet addr:'|awk '{print $2}'|cut -d: -f2)
#flag=$(ping -c2 -i1 -W1 $vpn_gateway|grep loss|awk -F, '{print $3}'|awk -F% '{print $1}')
if [ ! "$flag" == "" ];then
    echo -e "\e[31;1m$vpn_flag\e[0m is \e[32;1mup\e[0m with \e[33;1m$ipaddr_ppp0\e[0m"
    pppd_route
    else
        echo -e "Connecting \e[31;1m$vpn_flag\e[0m===>\e[32;1m$vpn_gateway\e[0m"
        pppd_start
        sleep 8
        ipaddr_flag=$(ifconfig ppp0 2>/dev/null|grep 'inet addr:'|awk '{print $2}'|cut -d: -f2)
        if [ -n "$ipaddr_flag" ];then
            pppd_route
            echo -e "Routing \e[31;1m$ipaddr_flag\e[0m===>\e[32;1m$vpn_gateway\e[0m"
        fi
       
fi
}


####################
#函数调用
####################
while true
do
    pppd_check
    sleep 5
done

#while true
#do
   flag_start=$(ifconfig|grep ppp0)
   if [  "$flag_start" == "" ];then
       pppd_start
       sleep 10
       pppd_route
       else
           for((i=1;i<=590;i++))
           do
               pppd_check
               sleep 1
               if [ "$i" == "590" ];then
                   echo -e "\e[31;1mRecall $vpn_flag\e[0m"
                   pppd_start
                   sleep 8
                   pppd_route
               fi
           done
   fi
#done
posted @ 2014-09-22 15:28  李庆喜  阅读(1563)  评论(0编辑  收藏  举报