centos6 安装 pptpd vpn服务器

参考教程：http://blog.secaserver.com/2011/10/install-vpn-pptp-server-centos-6/

 

1. Install ppp via yum:

$ yum install ppp -y

2. Download and install pptpd (the daemon for point-to-point tunneling). You can find the correct package at this website http://poptop.sourceforge.net/yum/stable/packages/ :

$ cd /usr/local/src
$ wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm
$ rpm -Uhv pptpd-1.3.4-2.el6.x86_64.rpm

3. Once installed, open /etc/pptpd.conf using text editor and add following line:

localip 209.85.227.26
remoteip 209.85.227.27-30

4. Open /etc/ppp/options.pptpd and add  authenticate method, encryption and DNS resolver value:

require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8

5. Lets create user to access the VPN server. Open /etc/ppp/chap-secrets and add the user as below:

vpnuser pptpd myVPN$99 *

The format is: [username] [space] [server] [space] [password] [space][IP addresses]

6. We need to allow IP packet forwarding for this server. Open /etc/sysctl.conf via text editor and change line below:

net.ipv4.ip_forward = 1

7. Run following command to take effect on the changes:

$ sysctl -p

8. Allow IP masquerading in IPtables by executing following line:

$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ service iptables save
$ service iptables restart

Update: Once you have done with step 8, check the rules at /etc/sysconfig/iptables. Make sure that the POSTROUTING rules is above any REJECT rules.

9. Turn on the pptpd service at startup and reboot the server:

$ chkconfig pptpd on

用户密码：/etc/ppp/chap-secrets 

iptables -t nat -A POSTROUTING -s 192.168.30.0/24 -j SNAT --to-source 192.168.10.11（内网ip)

 

如果是内网机器，还要把默认的1723端口做个端口转发。

最后，windows系统上新建vpn连接，一切就OK。