VPN Server

出自Centos

PPTP VPN 官方地址：http://poptop.sourceforge.net/

目录 1 添加pptp.repo仓库作为软件来源 2 安装服务器端 3 安装客户端 4 在linux添加VPN客户端连接

[编辑] 添加pptp.repo仓库作为软件来源

[root@localhost ~]# rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel5/i386/pptp-release-4-2.rhel5.noarch.rpm
Retrieving http://poptop.sourceforge.net/yum/stable/rhel5/i386/pptp-release-4-2.rhel5.noarch.rpm
warning: /var/tmp/rpm-xfer.c5rn2l: Header V3 DSA signature: NOKEY, key ID 862acc                                                                             42
Preparing...                ########################################### [100%]
   1:pptp-release           ########################################### [100%]

通过上述将自己导入/etc/yum.repos.d/pptp.repo软件仓库设置

[编辑] 安装服务器端

[root@xingke ~]# yum -y install pptpd
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
 * poptop-stable: poptop.sourceforge.net
 * pptp-stable: pptpclient.sourceforge.net
 * rpmforge: fr2.rpmfind.net
 * base: 192.168.3.13
 * updates: 192.168.3.13
 * addons: 192.168.3.13
 * extras: 192.168.3.13
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package pptpd.i386 0:1.3.4-1.rhel5.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 pptpd                   i386       1.3.4-1.rhel5.1  poptop-stable      80 k

Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 80 k
Downloading Packages:
(1/1): pptpd-1.3.4-1.rhel 100% |=========================|  80 kB    00:08
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 862acc42
Importing GPG key 0x862ACC42 "PPTP Software Signing Key <pptp@city-fan.org>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-PPTP
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: pptpd                        ######################### [1/1]

Installed: pptpd.i386 0:1.3.4-1.rhel5.1
Complete!

添加本地网卡和分配给VPN客户端的ip地址范围

[root@xingke ~]# vi /etc/pptpd.conf
在此文件末尾添加如下代码
localip 192.168.3.13
remoteip 192.168.3.234-238,192.168.3.245

添加VPN用户

[root@xingke ~]# vpnuser add vpnuser test0000

开启核心路由转发功能

[root@xingke ~]# vi /etc/sysctl.conf
修改net.ipv4.ip_forward = 1
或者直接运行echo 1 > /proc/sys/net/ipv4/ip_forward

启动VPN服务器进程

[root@xingke ~]# /etc/init.d/pptpd start
Starting pptpd:                                            [  OK  ]

查看VPN服务是否正确启动

[root@xingke ~]# netstat -tunlp | grep pptpd
tcp        0      0 0.0.0.0:1723                0.0.0.0:*                   LISTEN      6914/pptpd
[root@xingke ~]#

[编辑] 安装客户端

[root@localhost rpm-gpg]# yum -y install pptp
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
 * poptop-stable: poptop.sourceforge.net
 * pptp-stable: pptpclient.sourceforge.net
 * base: centos.candishosting.com.cn
 * updates: centos.candishosting.com.cn
 * addons: centos.candishosting.com.cn
 * extras: centos.candishosting.com.cn
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package pptp.i386 0:1.7.2-3.rhel5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 pptp                    i386       1.7.2-3.rhel5    pptp-stable        71 k

Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 71 k
Downloading Packages:
(1/1): pptp-1.7.2-3.rhel5 100% |=========================|  71 kB    00:01
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 862acc42
Importing GPG key 0x862ACC42 "PPTP Software Signing Key
" from /etc/pki/rpm-gpg/RPM-GPG-KEY-PPTP
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: pptp                         ######################### [1/1]

Installed: pptp.i386 0:1.7.2-3.rhel5
Complete!

[编辑] 在linux添加VPN客户端连接

[root@localhost rpm-gpg]# pptpsetup --create pptpd --server xingke.dns0755.net  --username test --password test0000 --encrypt --start
Using interface ppp0
Connect: ppp0 <--> /dev/pts/2
CHAP authentication succeeded
MPPE 128-bit stateless compression enabled
local  IP address 192.168.1.235
remote IP address 192.168.1.24
[root@localhost rpm-gpg]#

启动拨号连接

[root@localhost rpm-gpg]#pppd call pptpd

由于拨号建立的是p-to-p链接，只添加了一条主机路由到主机，所以我们需要收到添加一个网段的路由

[root@localhost rpm-gpg]#route add -net 192.168.3.0 network 255.255.255.0 gw 192.168.3.13

上面的192.168.3.13是VPN服务器的点对点地址