I will show you how to configure a VPN server with pptpd. A VPN server can also be set up with L2TP or OpenVPN. I have not tried the latter.
1) Install ppp on the server
2) Download pptpd-1.3.4-2.rhel5.x86_64.rpm to the server
3) Install the downloaded pptpd rpm package on the server
4) Edit the IP settings in pptpd.conf (/etc/pptpd.conf): you have to specify the server
address and the client address range (localip, remoteip)
5) Add user accounts to /etc/ppp/chap-secrets (assign a username and password)
in the format shown below.
---------------------------------------------------------
# client server secret IP addresses
rasimvs pptpd password *
---------------------------------------------------------
6) Optionally, set the DNS resolvers handed out to clients in
/etc/ppp/options.pptpd
ms-dns 8.8.8.8
ms-dns 4.4.4.4
7) Enable IP forwarding in /etc/sysctl.conf, then apply the change with sysctl -p
net.ipv4.ip_forward = 1
sysctl -p
8) Configure firewall rules using the following commands
---------------------------------------------------------
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
service iptables save
service iptables restart
---------------------------------------------------------
9) Add pptpd to chkconfig so that it is started at boot
chkconfig pptpd on
10) Restart the pptpd service, or restart the server.
Command summary for the steps above:
--------------------------------------------------------------------------------------------------------------------------
yum install ppp
cd /usr/local/src/
wget http://lnmpp.googlecode.com/files/pptpd-1.3.4-2.el6.x86_64.rpm
rpm -Uvh pptpd-1.3.4-2.el6.x86_64.rpm
vi /etc/pptpd.conf
vi /etc/ppp/chap-secrets
vi /etc/ppp/options.pptpd
vi /etc/sysctl.conf
sysctl -p
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
service iptables save
service iptables restart
chkconfig pptpd on
getenforce
vi /etc/selinux/config
init 6
--------------------------------------------------------------------------------------------------------------------------
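A check for the file built in step 5, as an added example that is not part of the original post: it flags a chap-secrets file that users other than root can read, short secrets, and entries whose IP addresses field is `*`. The function names, the 12-character minimum and the second sample account are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audit a pppd chap-secrets file (format: client server secret IP).
# Assumes one entry per line and secrets without embedded whitespace.

# audit_chap_secrets FILE [MINLEN] -> prints one finding per line
audit_chap_secrets() {
    file=$1
    minlen=${2:-12}   # default of 12 is an assumption, not a pppd rule
    # Secrets are stored in clear text, so only root should be able to read them.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file" 2>/dev/null)
    if [ -z "$mode" ]; then
        echo "ERROR: cannot stat $file"
        return 2
    fi
    case $mode in
        600|400) ;;
        *) echo "PERMS: $file is mode $mode, expected 600" ;;
    esac
    awk -v min="$minlen" '
        /^[ \t]*#/ || NF == 0 { next }    # skip comments and blank lines
        NF < 3 {
            printf "FORMAT: line %d: need client server secret [IP addresses]\n", NR
            next
        }
        length($3) < min {
            printf "WEAK: line %d: secret for %s is shorter than %d characters\n", NR, $1, min
        }
        $4 == "*" {
            printf "ANYIP: line %d: %s is accepted from any IP address\n", NR, $1
        }
    ' "$file"
}

# Constructed sample: the entry from step 5 plus one hypothetical pinned account.
demo_chap_secrets() {
    sample=$(mktemp) || return 1
    cat > "$sample" <<'EOF'
# client server secret IP addresses
rasimvs pptpd password *
alice pptpd correct-horse-battery 192.168.0.234
EOF
    chmod 644 "$sample"    # deliberately too open, to trigger the PERMS finding
    audit_chap_secrets "$sample"
    rm -f "$sample"
}

demo_chap_secrets
```

On the server, run it as `audit_chap_secrets /etc/ppp/chap-secrets` after step 5.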