Server 服务端
过程 44.12. pptpd 安装步骤
-
install
Ubuntu
$ sudo apt-get install pptpd
CentOS
# yum install pptp pptp-setup
-
$ sudo vim /etc/pptpd.conf
localip 172.16.0.1 remoteip 172.16.0.50-100
-
$ sudo vim /etc/ppp/pptpd-options
ms-dns 208.67.222.222 ms-dns 208.67.220.220
-
$ sudo vim /etc/ppp/chap-secrets
# Secrets for authentication using CHAP # client server secret IP addresses neo pptpd chen *
-
restart
sudo /etc/init.d/pptpd restart Restarting PPTP: Stopping PPTP: pptpd. Starting PPTP Daemon: pptpd.
-
# ifconfig ppp0 ppp0 Link encap:Point-to-Point Protocol inet addr:192.168.3.9 P-t-P:192.168.3.15 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1 RX packets:1545 errors:0 dropped:0 overruns:0 frame:0 TX packets:1008 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:342505 (334.4 KiB) TX bytes:239324 (233.7 KiB)
-
$ sudo vim /etc/sysctl.conf
# Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.ip_forward=1
refresh status
$ sudo sysctl -p net.ipv4.ip_forward = 1
-
NAT
$ sudo iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o eth0 -j MASQUERADE $ sudo iptables-save > /etc/iptables-rules
$ sudo vim /etc/network/interfaces
pre-up iptables-restore < /etc/iptables-rules
-
firewall
$ sudo ufw allow 1723 Rules updated
MTU
$ sudo iptables -A FORWARD -s 10.100.0.0/24 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1200 还有一个最简单的修改mtu的办法: $ sudo vim /etc/ppp/ip-up.local !/bin/bash /sbin/ifconfig $1 mtu 1496
安装pptp客户端
yum install -y pptp pptp-setup
普通账号
pptpsetup --create vpn --server vpn.netkiller.cn \ --username neo --password netkiller
加密账号
pptpsetup --create vpn0 --server vpn.netkiller.cn \ --username neo --password netkiller --encrypt
查看vpn配置文件
# cat /etc/ppp/peers/vpn # written by pptpsetup pty "pptp vpn.netkiller.cn --nolaunchpppd" lock noauth nobsdcomp nodeflate name neo remotename vpn ipparam vpn