linux安装完毕,设置IP地址
vi /etc/sysconfig/network-scripts/ifcfg-eth0
关闭IPV6,重启电脑
安装依赖包ppp perl
yum install ppp perl
wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.4.0-1.el6.x86_64.rpm
rpm -Uhv pptpd-1.4.0-1.el6.x86_64.rpm
vi /etc/pptpd.conf
localip 192.168.20.1
remoteip 192.168.20.21-40
vpnuser add 用户名 密码
此数据存贮于/etc/ppp/chap-secrets
/etc/ppp/options.pptpd PPTPD 常用选项
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1 开启路由转发
sysctl -p /etc/sysctl.conf sysctl.conf 立即应用
service pptpd restart
在路由器上做tcp1723 及协议号47的映射
所谓协议号47映射,即使用下面的指令
nat server protocol 47 global X.X.X.X inside X.X.X.X
*nat
:PREROUTING ACCEPT [25:1568]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.20.0/24 -o eth0 -j MASQUERADE
*filter
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A INPUT -p gre -j ACCEPT
在/etc/sysconfig/iptables 添加
-A FORWARD -j REJECT --reject-with icmp-host-prohibited 一定要注释掉这条规则
