yum -y install wget perl
cd /usr/local/src
wget http://poptop.sourceforge.net/yum/beta/packages/ppp-2.4.5-33.0.rhel6.x86_64.rpm
rpm -Uvh ppp-2.4.5-33.0.rhel6.x86_64.rpm
wget http://poptop.sourceforge.net/yum/beta/packages/pptpd-1.4.0-1.rhel5.1.x86_64.rpm
rpm -Uvh pptpd-1.4.0-1.rhel5.1.x86_64.rpm
설정
/etc/pptpd.conf
/etc/ppp/options.pptpd
/etc/ppp/chap-secrets
/etc/sysctl.conf
vi /etc/pptpd.conf
68 connections 100
102 localip 192.168.8.129
103 remoteip 192.168.8.1-254
vi /etc/ppp/options.pptpd
66 ms-dns 8.8.8.8
67 ms-dns 8.8.4.4
vi /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
chris * chrispass *
vi /etc/sysctl.conf
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
[root@docker-vm ~]# sysctl -p
net.ipv4.ip_forward = 1
/etc/init.d/pptpd restart
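vi /etc/selinux/config
# Note: this turns SELinux off for the whole host (applied at the next boot), not only for pptpd.
# SELINUX=permissive keeps denials logged without enforcing them, if the aim is only to debug pptpd.
SELINUX=disabled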
vi /etc/sysconfig/iptables
service iptables restart
chkconfig pptpd on
=======================================================
How to setup VPN server (PPTP on CentOS, RedHat and Ubuntu)?
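This howto describes how to set up a PPTP VPN on CentOS, Fedora, Debian, and Ubuntu with basic username/password authentication (MS-CHAPv2, as configured in Step 4; PPTP does not use RSA). MS-CHAPv2 and MPPE are considered cryptographically weak, so use PPTP only where legacy client compatibility matters more than the confidentiality of the tunnel.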
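Before installing, make sure the EPEL repository is enabled in yum. The release packages below are fetched over plain HTTP, so verify each download (checksum or GPG signature, e.g. rpm -K) before installing it.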
CentOS and Red Hat Enterprise Linux 6.x
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm && sudo rpm -Uvh epel-release-6*.rpm
CentOS and Red Hat Enterprise Linux 7.x
wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm && sudo rpm -Uvh epel-release-7*.rpm
Step 1. Install PPTPD
CentOS/RedHat 5:
yum install pptpd.x86_64 -y
CentOS/RedHat 6:
yum install pptpd.x86_64 -y
Fedora 20:
yum install pptpd.x86_64 -y
Ubuntu/Debian:
apt-get install pptpd
Step 2. Edit IP settings in /etc/pptpd.conf
echo > /etc/pptpd.conf
아래 라인들을 붙여넣기 하라.
#start of custom file
#logwtmp
option /etc/ppp/options.pptpd
localip 192.168.0.1 # local vpn IP
remoteip 192.168.0.100-200 # ip range for connections
listen 23.216.x.x # eth0 my example public IP and network interface
#end of custom file
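Step 3. Add user accounts in /etc/ppp/chap-secrets (assign a username and password per user). The passwords are stored in cleartext, so keep the file readable by root only (chmod 600) and use long random passwords; the trailing * lets the account connect from any IP address.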
vi /etc/ppp/chap-secrets
usernameForuser1 * setpassword1here *
usernameForuser2 * setpassword2here *
Step 4. Optional settings in /etc/ppp/options.pptpd
echo > /etc/ppp/options.pptpd
아래의 옵션을 설정하라.
#custom settings for a simple fast pptp server
ms-dns 8.8.8.8
ms-dns 4.2.2.2
lock
name pptpd
require-mschap-v2
# Require MPPE 128-bit encryption
# (note that MPPE requires the use of MSCHAP-V2 during authentication)
require-mppe-128
Step 5. Enable network forwarding in /etc/sysctl.conf
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
use the following command to apply the change:
sysctl -p
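Step 6. Configure firewall (replace eth0 with your public interface; -A appends to the chain, so check that these rules end up before any final REJECT/DROP rule or they will never match)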
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
service iptables save
service iptables restart
Step6-Ubuntu/Debian: Firewall
apt-get install iptables-persistent
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && /etc/init.d/iptables-persistent save
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT && iptables -A INPUT -i eth0 -p gre -j ACCEPT && iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
If you are using CSF firewall, you may refer to this post on firewall settings.
Step 7. Start PPTP VPN server
Fedora/Debian:
service pptpd restart
Centos/Fedora:
/etc/init.d/pptpd restart-kill && /etc/init.d/pptpd start
Note: To avoid starting pptpd by hand after every reboot, you can have it start automatically by running chkconfig pptpd on
Now you can test the VPN server from any client: Windows PCs, Linux PCs, Android phones/tablets, or iPhone and iPad.
The log of the VPN server, by default, is combined with system log located at /var/log/messages.