配置PPTP服务器

1、验证内核是否加载了MPPE模块:

modprobe ppp-compress-18 && echo MPPE is ok
2、安装所需的软件包:
yum -y install ppp
rpm -ivh pptpd-1.4.0-2.el7.x86_64.rpm
3、配置PPP和PPTP的配置文件:
grep ^[^#] /etc/ppp/options.pptpd
vi /etc/ppp/options.pptpd
name pptpd
#refuse-pap
#refuse-chap
#refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
vi /etc/ppp/chap-secrets
username    pptpd    passwd    *
vi /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.0.1
remoteip 192.168.0.207-217
4、打开内核的IP转发功能:
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
/sbin/sysctl -p
5、配置防火墙和NAT转发
yum install iptables-services
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl enable iptables.service
systemctl start iptables.service
开启包转发:
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE
service iptables save
service iptables restart
开放端口和gre协议:
iptables -A INPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p gre -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE
添加规则:
iptables -A INPUT -p gre -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -o eno16777736 -j ACCEPT
iptables -A FORWARD -d 192.168.0.0/24 -i eno16777736 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE
service iptables save
启动和查看服务:
systemctl start pptpd
systemctl enable pptpd
systemctl status pptpd
6.查看pptpd服务进程和端口:
#ps -ef | grep pptpd
root      25100      1  0 14:19 ?        00:00:00 /usr/sbin/pptpd -f
root      25463  24275  0 14:52 pts/0    00:00:00 grep --color=auto pptpd
# netstat -nutap | grep pptpd
tcp        0      0 0.0.0.0:1723            0.0.0.0:*               LISTEN      25100/pptpd  

posted on 2016-06-07 14:15  随风☆飘扬  阅读(864)  评论(0编辑  收藏  举报

导航