 |
Welcome to A!Die Software Studio |
CentOS 配置 PPTP
by adie
2011-05-10 12:12:28
2011-05-10 12:12:28
1. 确认内核包含 mmpe
$ sudo modprobe ppp-compress-18 && echo ok
2. 确认安装了 ppp 和 iptables
$ yum list ppp iptables
3. 安装 pptp
$ wget http://downloads.sourceforge.net/project/poptop/pptpd/pptpd-1.3.4/pptpd-1.3.4.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fpoptop%2Ffiles%2Fpptpd%2Fpptpd-1.3.4%2F&ts=1304911453&use_mirror=nchc
$ tar -zxvf pptpd-1.3.4.tar.gz
$ cd pptpd-1.3.4
$ ./configure
$ make
$ sudo make install
4 配置 pptp
$ sudo vi /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 61.139.2.69
ms-dns 8.8.8.8
$ sudo vi /etc/pptpd.conf
option /etc/ppp/options.pptpd
#logwtmp
localip 192.168.8.1
remoteip 192.168.8.2-250
$ sudo vi /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
<username> pptpd <password> *
$ sudo vi /etc/sysctl.conf 修改
net.ipv4.ip_forward = 1
$ sysctl -p
$ sudo iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
$ sudo iptables -A INPUT -p tcp --dport 47 -j ACCEPT
$ sudo iptables -A INPUT -p gre -j ACCEPT
$ sudo iptables -t nat -A POSTROUTING -s 192.168.8.0/24
$ sudo /etc/init.d/iptables save
$ sudo /etc/init.d/iptables restart
5. 启动服务器
$ sudo /usr/local/sbin/pptpd start
6. 出现 619 错误
$ sudo rm /dev/ppp
$ sudo mknod /dev/ppp c 108 0
7. NAT 转发
$ sudo /sbin/iptables -t nat -A POSTROUTING -s 192.168.8.1/255.255.255.0 -j SNAT --to-source <服务器外网地址>
8. 不能解析域名的问题, 服务器需要打开 53 的 UDP 端口
$ sudo iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
