linux中配置pptp服务器配置的方法

2018-11-11 20:48:36 4846

1、验证内核是否加载了MPPE模块:


modprobe ppp-compress-18 && echo MPPE is ok


2、安装所需的软件包:


yum -y install ppp

wget ftp://rpmfind.net/linux/epel/7/x86_64/p/pptpd-1.4.0-2.el7.x86_64.rpm

rpm -ivh pptpd-1.4.0-2.el7.x86_64.rpm


3、配置PPP和PPTP的配置文件:


grep ^[^#] /etc/ppp/options.pptpd

vi /etc/ppp/options.pptpd


name pptpd

#refuse-pap

#refuse-chap

#refuse-mschap

require-mschap-v2

require-mppe-128

ms-dns 8.8.8.8

ms-dns 8.8.4.4

proxyarp

lock

nobsdcomp

novj

novjccomp

nologfd

vi /etc/ppp/chap-secrets


username  pptpd  passwd  *

vi /etc/pptpd.conf


option /etc/ppp/options.pptpd

logwtmp

localip 192.168.0.1

remoteip 192.168.0.207-217

4、打开内核的IP转发功能:


vi /etc/sysctl.conf


net.ipv4.ip_forward = 1

/sbin/sysctl -p


5、配置防火墙和NAT转发


yum install iptables-services

systemctl stop firewalld.service

systemctl disable firewalld.service

systemctl enable iptables.service

systemctl start iptables.service

开启包转发:


iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE

service iptables save

service iptables restart

开放端口和gre协议:


iptables -A INPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 1723 -j ACCEPT

iptables -A INPUT -p gre -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE

添加规则:


iptables -A INPUT -p gre -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A FORWARD -s 192.168.0.0/24 -o eno16777736 -j ACCEPT

iptables -A FORWARD -d 192.168.0.0/24 -i eno16777736 -j ACCEPT

iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE

service iptables save

启动和查看服务:


systemctl start pptpd

systemctl enable pptpd

systemctl status pptpd

6.查看pptpd服务进程和端口:


#ps -ef | grep pptpd

root   25100   1 0 14:19 ?    00:00:00 /usr/sbin/pptpd -f

root   25463 24275 0 14:52 pts/0  00:00:00 grep --color=auto pptpd

# netstat -nutap | grep pptpd

tcp    0   0 0.0.0.0:1723      0.0.0.0:*        LISTEN   25100/pptpd


提交成功!非常感谢您的反馈,我们会继续努力做到更好!

这条文档是否有帮助解决问题?

非常抱歉未能帮助到您。为了给您提供更好的服务,我们很需要您进一步的反馈信息:

在文档使用中是否遇到以下问题: