centos6搭建VPN

时间:2021-01-06 14:38:18

1,检查是否开启PPP

#cat /dev/ppp
 cat: /dev/ppp: No such device or address  //表示已经开启

2,安装ppp和iptables

#yum install ppp

3,安装pptp

# rpm -ivh ftp://ftp.icm.edu.pl/vol/rzm5/linux-fedora/linux/epel/6/i386/pptpd-1.4.0-3.el6.i686.rpm

4,配置pptp

去掉“#”使102,103行生效

 # (Recommended)
 localip 192.168.0.1
 remoteip ,192.168.0.245
 # or
 #localip ,192.168.0.245
 #remoteip ,192.168.1.245

更改dns

 # vim /etc/ppp/options.pptpd
 38 # Require MPPE 128-bit encryption
 39 # (note that MPPE requires the use of MSCHAP-V2 during authentication)
 40 #require-mppe-128  //注释掉
 # If pppd is acting as a server for Microsoft Windows clients, this
  # option allows pppd to supply one or two DNS (Domain Name Server)
  # addresses to the clients.  The first instance of this option
  # specifies the primary DNS address; the second instance (if given)
  # specifies the secondary DNS address.
  ms-dns 8.8.8.8      //更改为谷歌DNS
  ms-dns 8.8.4.4

5,添加vpn账号,密码

# vim /etc/ppp/chap-secrets 

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses  用户名         pptpd    密码                     *

6,修改内核设置,使其支持转发

vim /etc/pptpd.confnet.ipv4.ip_forward = 1
#net.ipv4.tcp_syncookies = 1  //注释掉

7,配置iptables转发规则

iptables -t nat -A POSTROUTING -s  -j SNAT --to-source  "vpsIP"service iptables save 

8,设置pptp和iptables开机自启动

#chkconfig pptpd on
#chkconfig iptables on#service pptpd restart#service iptables restart