07-pptp服务器部署
1.安装pptp软件
[root@nat ~]# yum install ppp pptpd -y
2.配置pptpd.conf
[root@nat ~]# vim /etc/pptpd.conf
# (Recommended)
#localip 192.168.0.1
#remoteip 192.168.0.234-238,192.168.0.245
# or
#localip 192.168.0.234-238,192.168.0.245
#remoteip 192.168.1.234-238,192.168.1.245
# 加入这2行
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
3.配置pptpd的DNS
[root@nat ~]# vim /etc/ppp/options.pptpd
#ms-dns 10.0.0.1
#ms-dns 10.0.0.2
# 增加这2行
ms-dns 223.5.5.5
ms-dns 223.6.6.6
4.配置vpn账号
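[root@nat ~]# vim /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
# 格式:用户名、服务名(对应上一行的 server 列)、密码、IP地址
test pptpd 123456 *
xiaoyi pptpd pinhu *
注:chap-secrets 中的密码以明文保存,示例里的 123456、pinhu 仅作演示,实际部署应换成足够长的随机密码,并确认该文件权限为 600(仅 root 可读写)。最后一列的 * 表示不限制该账号可使用的 IP 地址。另外,PPTP 所用的 MS-CHAPv2 认证已被公开证明可被破解,其安全性不能只依赖密码强度,敏感环境建议评估 IPsec/IKEv2、OpenVPN 或 WireGuard 等方案。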
5.修改内核,使其支持转发
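[root@nat ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 0
inet.ipv4.tcp_syncookies = 1
# 修改成如下2行
net.ipv4.ip_forward = 1
#inet.ipv4.tcp_syncookies = 1
注:开启转发只需要把 net.ipv4.ip_forward 改为 1。tcp_syncookies(标准键名是 net.ipv4.tcp_syncookies,此处的 inet 疑为笔误)用于缓解 SYN flood,与转发无关;注释掉后将改用内核默认值,如无特殊原因建议保留该行。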
6.生效
[root@nat ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
vm.swappiness = 0
net.ipv4.neigh.default.gc_stale_time = 120
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.tcp_synack_retries = 2
net.ipv4.conf.lo.arp_announce = 2
注:三条 unknown key 报错是因为 bridge 模块未加载,不影响 ip_forward 生效;只需确认输出中有 net.ipv4.ip_forward = 1。
7.增加iptables转发规则
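[root@nat ~]# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
[root@nat ~]# /etc/init.d/iptables save
[root@nat ~]# /etc/init.d/iptables restart
注:这里只添加了 NAT 规则(eth1 在此假定为外网出口网卡)。如果 filter 表的 INPUT/FORWARD 链默认策略不是 ACCEPT,还需要放行 PPTP 控制连接(TCP 1723)和 GRE(IP 协议 47);同时建议把 FORWARD 限制在 192.168.0.0/24 与 eth1 之间,而不是全部放开。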
8.启动pptpd,并开机自启动
[root@nat ~]# /etc/init.d/pptpd restart
[root@nat ~]# chkconfig pptpd on
[root@nat ~]# chkconfig iptables on
参考资料
centos客户端vpn配置