
[VPN] Build a VPN server under CentOS 6.2

Posted on 5/18/2015 11:37:16 PM
1. Install PPP via Yum:

  $ yum install ppp -y

2. Download and install pptpd. Packages are available at http://poptop.sourceforge.net/yum/stable/packages/ :

  (Pick the package that matches the architecture of your operating system; the 64-bit x86_64 version is used here.)

  $ cd /usr/local/src
  $ wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
  $ rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

3. After installation, open /etc/pptpd.conf and add or modify the following configuration:

  localip 192.168.0.1
  remoteip 192.168.0.234-238

4. Open /etc/ppp/options.pptpd to add the VPN's DNS (using Google's DNS):

  ms-dns 8.8.8.8

5. Add an account to the VPN, open /etc/ppp/chap-secrets, and add a username and password in the following format:

  vpnuser pptpd myVPN$99 *

The format is: [username] [space] [server] [space] [password] [space] [IP addresses]

6. Enable IP forwarding on the server. Open /etc/sysctl.conf and change the following settings:

  net.ipv4.ip_forward = 1
  #net.ipv4.tcp_syncookies = 1    # comment out this line

7. Run the following command to make the configuration take effect:

  $ sysctl -p

8. Add a firewall rule to enable NAT, then save and reload the rules:

  $ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  $ service iptables save
  $ service iptables restart

Note: After completing step 8, check /etc/sysconfig/iptables and make sure the POSTROUTING rule precedes any REJECT rule.

The rule depends on the VPS virtualization type, which is mainly OpenVZ or XEN. The rule for each is:

  OpenVZ: $ iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source **.**.**.**    (the VPS public IP goes here)
  XEN:    $ iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE


9. Enable the pptpd service at boot and restart the server:

  $ chkconfig pptpd on
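
The following script checks the results of steps 3, 5, 6 and 8 without changing anything. It is an added example, not part of the original post; the function names are hypothetical, and chap-secrets fields are assumed to be unquoted.

```shell
#!/bin/sh
# Read-only checks of the files edited in steps 3-8 (added example).
# Each check takes the file path as $1, so it can be run on a copy.

# Step 3: pptpd.conf must define both localip and remoteip.
check_pptpd_conf() {
    grep -Eq '^[[:space:]]*localip[[:space:]]+[0-9]' "$1" &&
    grep -Eq '^[[:space:]]*remoteip[[:space:]]+[0-9]' "$1"
}

# Step 5: chap-secrets stores passwords in cleartext, so group/other get
# no access, and each entry needs 4 fields: username server password IPs.
# Assumption: fields are unquoted (no spaces inside the password).
check_chap_secrets() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$1: accessible to group/other"; return 1; }
    awk '!/^[ \t]*(#|$)/ && NF != 4 {
             printf "line %d: expected 4 fields, found %d\n", NR, NF; bad = 1 }
         END { exit bad + 0 }' "$1"
}

# Step 6: forwarding must be enabled on an uncommented line.
check_ip_forward() {
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1"
}

# Step 8: the saved rules need a nat-table POSTROUTING rule that rewrites
# the source address (MASQUERADE or SNAT).
check_nat_rule() {
    awk '/^\*/ { table = $1 }
         table == "*nat" && /^-A POSTROUTING/ && /-j (MASQUERADE|SNAT)/ { ok = 1 }
         END { exit !ok }' "$1"
}

# Run every check against the live paths named in the steps above.
audit_pptpd() {
    rc=0
    check_pptpd_conf   /etc/pptpd.conf         || { echo "FAIL: pptpd.conf"; rc=1; }
    check_chap_secrets /etc/ppp/chap-secrets   || { echo "FAIL: chap-secrets"; rc=1; }
    check_ip_forward   /etc/sysctl.conf        || { echo "FAIL: ip_forward"; rc=1; }
    check_nat_rule     /etc/sysconfig/iptables || { echo "FAIL: nat rule"; rc=1; }
    return $rc
}

# Only touch the live files when asked to: sh audit.sh --live
if [ "${1:-}" = "--live" ]; then audit_pptpd; fi
```

Run it as root with --live on the server; once /etc/ppp/chap-secrets has the mode the check expects, other users cannot read it.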





