Pre-installation system checks
# cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)
Is PPTP supported
# modprobe ppp-compress-18 && echo support
support
Is TUN/TAP enabled
# ls /dev/net/tun && echo support
/dev/net/tun
support
Is ppp enabled
# ls /dev/ppp && echo support
/dev/ppp
support
If the environment does not meet the three conditions above, it very likely does not support PPTP.
Install PPP
# yum install ppp ppp-devel pptp net-tools iptables
Install PPTPD
Download pptpd-1.4.0.tar.gz
https://sourceforge.net/projects/poptop/files/pptpd/pptpd-1.4.0/
# wget https://jaist.dl.sourceforge.net/project/poptop/pptpd/pptpd-1.4.0/pptpd-1.4.0.tar.gz
# tar zxvf pptpd-1.4.0.tar.gz
# cd pptpd-1.4.0
# ./configure --prefix=/usr/local/pptpd
# make && make install
# mkdir -p /usr/lib/pptpd/
# ln -s /usr/local/pptpd/lib/pptpd/pptpd-logwtmp.so /usr/lib/pptpd/pptpd-logwtmp.so
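Manually link the pptpd-logwtmp.so library.
Because CentOS 8 does not yet have a pptpd rpm package, pptpd is compiled and installed manually here. If you find that too much trouble, I have built CentOS 8 pptpd rpm packages by hand: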
- https://pic.ithothub.com/wp-content/uploads/2020/03/pptpd-1.4.0-2.el8.x86_64.rpm
- https://pic.ithothub.com/wp-content/uploads/2020/03/pptpd-1.4.0-2.el8.src.rpm
# rpm -ivh https://pic.ithothub.com/wp-content/uploads/2020/03/pptpd-1.4.0-2.el8.x86_64.rpm
Configure PPTPD
/etc/ppp/options.pptpd
# cat /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
idle 2592000
ms-dns 8.8.8.8
ms-dns 8.8.4.4
/etc/ppp/chap-secrets
# cat /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
aikaiyuan pptpd 123456 *
The fields are: client, server, secret, IP addresses.
Username: aikaiyuan, password: 123456, all IPs allowed.
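An added example, not part of the original page: a small shell audit for the two files above. It reports authentication directives from the page's options.pptpd that are missing, chap-secrets entries with a short secret or a wildcard address, and a secrets file readable by group or other. MIN_SECRET_LEN and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original page: audit pptpd authentication settings.
MIN_SECRET_LEN=16   # assumed local policy value, not a pptpd setting

# Print each authentication directive from the page's options.pptpd that $1 lacks.
missing_directives() {
    for d in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        grep -Eq "^[[:space:]]*$d([[:space:]]|\$)" "$1" || echo "$d"
    done
}

# Print "client: finding" for chap-secrets entries in $1 with a short secret or a
# wildcard source address. Assumes unquoted, whitespace-separated fields.
weak_secrets() {
    awk -v min="$MIN_SECRET_LEN" '
        NF == 0 || $1 ~ /^#/ { next }   # skip blank lines and comments
        length($3) < min { print $1 ": secret shorter than " min " characters" }
        $4 == "*"        { print $1 ": any source address allowed" }
    ' "$1"
}

# Succeed only if $1 grants no permissions to group or other (for example mode 600).
secrets_mode_ok() {
    case "$(ls -ld "$1" 2>/dev/null | cut -c5-10)" in
        "------") return 0 ;;
        *)        return 1 ;;
    esac
}

# Audit an options file ($1) and a secrets file ($2): print findings, return 1 if any.
audit_pptpd() {
    findings=$(
        missing_directives "$1" | sed 's/^/options: missing /'
        weak_secrets "$2" | sed 's/^/chap-secrets: /'
        secrets_mode_ok "$2" || echo "chap-secrets: readable by group or other"
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Demo on constructed files: a trimmed options file plus the page's sample account.
demo=$(mktemp -d)
printf 'name pptpd\nrefuse-pap\nrequire-mschap-v2\n' > "$demo/options.pptpd"
printf '# client server secret IP addresses\naikaiyuan pptpd 123456 *\n' > "$demo/chap-secrets"
chmod 644 "$demo/chap-secrets"
audit_pptpd "$demo/options.pptpd" "$demo/chap-secrets" || true
rm -rf "$demo"
```

To audit a live server, call audit_pptpd /etc/ppp/options.pptpd /etc/ppp/chap-secrets as root after sourcing the functions.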
/etc/pptpd.conf
# cat /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.9.1
remoteip 192.168.9.11-30
localip: VPN gateway address
remoteip: IP address range assigned to clients
Start PPTPD
# /usr/local/pptpd/sbin/pptpd -d -c /etc/pptpd.conf
1 8387 8387 8387 ? -1 Ss 0 0:00 /usr/local/pptpd/sbin/pptpd -d -c /etc/pptpd.conf
8387 10718 8387 8387 ? -1 S 0 0:00 \_ pptpd [10.10.10.22:63A0 - 0080]
10718 10719 8387 8387 ? -1 S 0 0:00 \_ /usr/sbin/pppd local file /etc/ppp/options.pptpd 115200 192.168.9.1:192.168.9.11 ipparam 10.10.10.22 plugin /usr/lib/pptpd/pptpd-logwtmp.so pptpd-original-ip 10.10.10.22 remotenumber 10.10.10.22
Client 10.10.10.22 has connected successfully.
Enable NAT
Enable IP forwarding
# echo 'net.ipv4.ip_forward = 1' > /etc/sysctl.d/50-forward.conf
# sysctl -p /etc/sysctl.d/50-forward.conf
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
Enable NAT translation
# /sbin/iptables -t nat -A POSTROUTING -o eth0 -s 192.168.9.0/24 -j MASQUERADE
# /sbin/iptables -I INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
Here eth0 is my public network interface.
1723 is the default PPTP port.