1. Install the ppp service and related components
yum install -y ppp iptables
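2. Download the latest pptpd rpm package (address of the latest pptpd package)
wget -c http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.i386.rpm
The address above can only be accessed after getting around the firewall.
The -c option resumes an interrupted download.
wget http://files.doylenet.net/linux/yum/centos/5/i386/doylenet/pptpd-1.3.4-1.i386.rpm (if the one above cannot be found, use this link)
If the wget command is not available, install it with: yum -y install wget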
3. Install the downloaded rpm package
rpm -ivh pptpd-1.3.4-2.rhel5.i386.rpm
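4. Set the DNS servers pptpd uses for name resolution (remove the # in front of ms-dns, since # marks a comment, and fill in the OpenDNS server addresses)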
vi /etc/ppp/options.pptpd
ms-dns 208.67.222.222
ms-dns 208.67.220.220
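5. Set the values used when dialing in: username, dial-in method, user password and source IP address (the username and password can be anything you like, the dial-in method can only be pptpd, and * as the source IP means no restriction)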
vi /etc/ppp/chap-secrets
myusername pptpd mypassword *
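6. Set the local IP and the remote IP (the local IP is the one assigned to you once the dial-up connection is established; the remote IP is the one assigned to the server)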
vi /etc/pptpd.conf
localip 192.168.9.1
remoteip 192.168.9.11-30
7. Enable IP forwarding and load the setting immediately (this relates to the NAT forwarding in step 9)
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
/sbin/sysctl -p
8. Start the pptpd service and enable it at boot
/sbin/service pptpd start
chkconfig pptpd on
9. Start iptables, add the NAT forwarding rule, then save it (iptables already starts at boot, so there is no need to run chkconfig iptables on)
/sbin/service iptables start
/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.9.0/24 -j MASQUERADE
service iptables save
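10. On Windows, create a VPN dial-up connection under the local network connections, enter the username and password, and you are connected.
You can also write a script so the machine installs everything automatically; the one below was found online and is provided for reference.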
#!/bin/bash

function installVPN(){
    # Remove any previous installation, its rules and its configuration
    yum remove -y pptpd ppp
    iptables --flush POSTROUTING --table nat
    iptables --flush FORWARD
    rm -rf /etc/pptpd.conf
    rm -rf /etc/ppp*

    # Install ppp and pptpd, and enable IP forwarding
    yum install -y ppp iptables
    echo 1 > /proc/sys/net/ipv4/ip_forward
    cd /tmp
    wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
    rpm -ivh pptpd-1.3.4-2.el6.x86_64.rpm

    # PPP options: accept MS-CHAPv2 only and require 128-bit MPPE
    cat >/etc/ppp/options.pptpd<<END
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
END

    cat >/etc/pptpd.conf<<END
option /etc/ppp/options.pptpd
logwtmp
localip 10.10.10.1
remoteip 10.10.10.205-254
END

    # Takes the second non-loopback IPv4 address printed by ifconfig; adjust NR for your host
    server_ip=$(ifconfig | grep 'inet addr:' | grep -v '127.0.0' | cut -d: -f2 | awk 'NR==2 { print $1}')

    # NAT traffic from the VPN client range out through eth0
    iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -o eth0 -j SNAT --to-source "${server_ip}"
    iptables -A FORWARD -s "${server_ip}/32" -o eth0 -j ACCEPT

    service pptpd start
    chkconfig --level 2345 pptpd on
    chkconfig pptpd on
    service iptables save
    chkconfig iptables on
    service iptables start
}

function addVPNuser(){
    echo "input user name:"
    read -r username
    echo "input password:"
    read -r userpassword
    # Format: client  server  secret  allowed-source-IP
    echo "${username} pptpd ${userpassword} *" >> /etc/ppp/chap-secrets
    service pptpd restart-kill
    service pptpd start
    service iptables restart
}

echo "which do you want to ? input the number."
echo "1. install VPN service"
echo "2. add VPN user"
read -r num
case "$num" in
    [1] ) (installVPN);;
    [2] ) (addVPNuser);;
    *) echo "nothing,exit";;
esac

echo "Your VPN server configuration is complete,The default user password vpnuser as test123 Please run the script again to add custom user"
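A check a defender can run after following the steps above, as an added example that is not part of the original page or of the pptpd project: it audits the two files this guide edits, options.pptpd and chap-secrets. The function names are hypothetical, the required-directive list is taken from the options.pptpd that the script above writes, and the sample files are constructed.

```bash
#!/bin/bash
# Added example (not from the original page): audit the pptpd files edited above.
# Directive list is taken from the options.pptpd written by the page's script.
REQUIRED_OPTS="refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128"

# Print every required directive that is absent or commented out in file $1.
missing_opts() {
    local opt
    for opt in $REQUIRED_OPTS; do
        grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$1" || echo "$opt"
    done
}

# Print users in chap-secrets ($1) that may connect from any source IP ("*").
wildcard_users() {
    awk '!/^[[:space:]]*#/ && NF >= 4 && $4 == "*" { print $1 }' "$1"
}

# Return 0 only when $1 grants no permissions to group or other (e.g. mode 600).
secrets_private() {
    case "$(stat -c %a "$1")" in *00) return 0 ;; *) return 1 ;; esac
}

# Print one finding per line for options file $1 and secrets file $2.
audit_pptpd() {
    missing_opts "$1" | sed 's/^/options: missing /'
    wildcard_users "$2" | sed 's/^/secrets: any source IP allowed for /'
    secrets_private "$2" || echo "secrets: file readable by group/other"
}

# Constructed sample files (not real configuration) so the audit runs offline.
make_samples() {
    printf 'name pptpd\n#require-mppe-128\nrequire-mschap-v2\nms-dns 208.67.222.222\n' > "$1/options.pptpd"
    printf '# client server secret IP\nmyusername pptpd mypassword *\nbob pptpd s3cret 192.168.9.12\n' > "$1/chap-secrets"
    chmod 644 "$1/chap-secrets"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
audit_pptpd "$demo_dir/options.pptpd" "$demo_dir/chap-secrets"
rm -rf "$demo_dir"
```

On a real server, call audit_pptpd /etc/ppp/options.pptpd /etc/ppp/chap-secrets. A clean run only confirms the settings this page uses; MS-CHAPv2, the strongest authentication PPTP offers, is itself open to offline cracking of a captured handshake.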