根據系統選擇安裝那個版本的源
centos-5 rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm centos-6 rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm centos-7 rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm yum install ppp pptpd iptables -y
編輯如下文件
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1 #設置爲1
#net.ipv4.tcp_syncookies = 1 #註釋掉
/sbin/sysctl -p #使設置立刻生效
編輯/etc/pptpd.conf文件 設置如下:
ppp /usr/sbin/pppd option /etc/ppp/options.pptpd #debug # stimeout 10 #noipparam logwtmp #vrf test #bcrelay eth1 connections 100 localip 172.16.9.1 remoteip 172.16.9.2-100
編輯/etc/ppp/options.pptpd文件 設置如下:
name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 ms-dns 8.8.8.8 ms-dns 8.8.4.4 proxyarp #debug #dump lock nobsdcomp novj novjccomp nologfd
設置/etc/ppp/chap-secrets 文件設置如下:
[root@server1 ppp]# cat chap-secrets # Secrets for authentication using CHAP # client server secret IP addresses *** pptpd ***test * test pptpd test1111 * [root@server1 ppp]#
注意 client列代表用戶名 secret列代表密碼 IP addresses代表IP地址 *代表任意IP地址
chkconfig iptables on
chkconfig pptpd on
添加防火牆
iptables -t nat -A POSTROUTING -s 192.168.9.0/24 -o eth1 -j MASQUERADE
# iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
#iptables -A INPUT -p gre -j ACCEPT
根據情況並且允許1723端口通過 允許GRE協議通過
測試
service pptpd start
service iptables start