根据系统选择安装那个版本的源
centos-5 rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm centos-6 rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm centos-7 rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm yum install ppp pptpd iptables -y
编辑如下文件
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1 #设置为1
#net.ipv4.tcp_syncookies = 1 #注释掉
/sbin/sysctl -p #使设置立刻生效
编辑/etc/pptpd.conf文件 设置如下:
ppp /usr/sbin/pppd option /etc/ppp/options.pptpd #debug # stimeout 10 #noipparam logwtmp #vrf test #bcrelay eth1 connections 100 localip 172.16.9.1 remoteip 172.16.9.2-100
编辑/etc/ppp/options.pptpd文件 设置如下:
name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 ms-dns 8.8.8.8 ms-dns 8.8.4.4 proxyarp #debug #dump lock nobsdcomp novj novjccomp nologfd
设置/etc/ppp/chap-secrets 文件设置如下:
[root@server1 ppp]# cat chap-secrets # Secrets for authentication using CHAP # client server secret IP addresses *** pptpd ***test * test pptpd test1111 * [root@server1 ppp]#
注意 client列代表用户名 secret列代表密码 IP addresses代表IP地址 *代表任意IP地址
chkconfig iptables on
chkconfig pptpd on
添加防火墙
iptables -t nat -A POSTROUTING -s 192.168.9.0/24 -o eth1 -j MASQUERADE
# iptables -A INPUT -p tcp --dport 1723 -j ACCEPT
#iptables -A INPUT -p gre -j ACCEPT
根据情况并且允许1723端口通过 允许GRE协议通过
测试
service pptpd start
service iptables start