1.检查是否支持pptp
Bash
modprobe ppp-compress-18 && echo ok
返回ok即表示支持
2.安装PPTPD
Bash
yum install -y ppp
yum install -y epel-release
yum install -y pptpd
3.修改/etc/pptpd.conf
localip 192.168.0.1 #本地网卡地址
remoteip 192.168.0.2-100 #客户端地址池
4.修改/etc/ppp/options.pptpd
GDScript
name pptpd
refuse-pap
refuse-chap
refuse-mschap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 114.114.114.114
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
logfile /var/log/pptpd.log
5.修改 /etc/ppp/chap-secrets 文件
这个文件规定了pptp vpn账号与密码
Bash
# client server secret IP addresses
此处是用户名 pptpd 此处是密码 *
6.修改 /etc/sysctl.conf 文件
添加这一句,使得允许系统路由转发。然后执行sysctl -p生效。
Scdoc
net.ipv4.ip_forward=1
7.添加防火墙规则
Scdoc
#iptables
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
COMMIT
8.修改/etc/ppp/ip-up
在/etc/ppp/ip-up ,exit 0前加入以下代码。
ifconfig $1 mtu 1500
9.重启服务
sysctl -p
systemctl restart pptpd
systemctl restart iptables