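1.檢查系統是否支持安裝pptp(下面的 cat 若輸出 "No such device or address",表示內核已提供 ppp 設備,可以繼續安裝;若輸出 "Permission denied",通常表示當前環境未開放 ppp 設備)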
[root@m01 ~]# cat /dev/ppp
cat: /dev/ppp: No such device or address
1.2 配置內核轉發
[root@m01 ~]# sed -i 's#net.ipv4.ip_forward = 0#net.ipv4.ip_forward = 1#g' /etc/sysctl.conf
[root@m01 ~]# grep net.ipv4.ip_forward /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@m01 ~]# sysctl -p #生效
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
1.3 安裝pptp
[root@m01 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
#安裝epel源(注意:上面的 repo 文件是經由明文 HTTP 下載的,傳輸途中可能被篡改;鏡像站若支持 HTTPS 應改用 https://,並確認 repo 文件中的 gpgcheck=1 沒有被關閉)
[root@m01 ~]# yum -y install pptpd
1.4 配置pptp
[root@m01 ~]# sed -i '$a localip 10.0.0.61\nremoteip 172.16.1.100-200' /etc/pptpd.conf
[root@m01 ~]# tail -2 /etc/pptpd.conf
localip 10.0.0.61
remoteip 172.16.1.100-200
1.5 啓動pptp
[root@m01 ~]# /etc/init.d/pptpd start
Starting pptpd: [ OK ]
[root@m01 ~]# tailf /var/log/messages
Jul 27 10:40:23 m01 pptpd[5971]: MGR: connections limit (100) reached, extra IP addresses ignored
Jul 27 10:40:23 m01 pptpd[5972]: MGR: Manager process started
Jul 27 10:40:23 m01 pptpd[5972]: MGR: Maximum of 100 connections available
[root@m01 ~]# netstat -tunlp|grep pptp
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 8061/pptpd
1.6 添加賬號密碼
[root@m01 ~]# vim /etc/ppp/chap-secrets
oldboy * 123456 *
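#此處不需要重啓服務
#注意:123456 僅爲示例,實際應使用高強度的隨機密碼;chap-secrets 以明文保存密碼,應保證只有 root 可讀(chmod 600 /etc/ppp/chap-secrets);最後一列的 * 表示不限制該賬號可使用的IP地址。PPTP 所用的 MS-CHAPv2 認證已知可被離線破解,弱密碼風險尤其高,新部署建議考慮 IPsec/IKEv2、OpenVPN 或 WireGuard。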
1.7 windows的使用
1.在網絡和共享===>>設置新的連接或網絡===>>連接到工作區===>>點擊"否,創建新連接"===>>輸入目標ip和目標名稱===>>輸入賬號和密碼!!!!
1.7.1 鏈接不能上網的解決方法
在網絡欄點擊目標名稱===>>點擊屬性===>>選擇internet協議版本4(TCP/IPv4)===>>常規中選擇 "高級" ===>>ip設置中===>>去掉在遠程網絡上使用默認網關的(對號)。去掉之後只有去往遠端網段的流量走VPN,其餘上網流量仍走本機原有網關,因此這部分流量不經過VPN加密,也不會出現在VPN服務器側的審計日誌中。
1.8 配置vpn審計功能
1.8.1 記錄登錄用戶名日誌
cat /etc/ppp/ip-up
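# /etc/ppp/ip-up audit hook: append one line to the VPN audit log each time a
# session comes up. pppd exports PEERNAME (the authenticated peer name); $5 is
# the address handed to the peer and $6 is the ipparam string, which the log
# sample on this page shows carrying the client's source IP.
# The format and target file match the line that the sed command on this page
# inserts, so ip-up and ip-down write to the same /var/log/pptpd.log.
# NOTE(review): the log file is created with root's umask; confirm it is not
# world-readable if login names and source IPs are considered sensitive.
echo "$PEERNAME 分配IP: $5 登錄IP: $6 登錄時間: `date -d today +%F_%T`" >> /var/log/pptpd.log
# Always report success so a logging problem never fails the hook itself.
exit 0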
cat /etc/ppp/ip-down
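# /etc/ppp/ip-down audit hook: append one line to the VPN audit log each time
# a session goes down. pppd exports PEERNAME (the authenticated peer name);
# $6 is the ipparam string, which the log sample on this page shows carrying
# the client's source IP.
# The format matches the line that the sed command on this page inserts, with
# a space between the IP and the timestamp label so the fields stay separable
# when the log is parsed later.
echo "$PEERNAME 下線IP: $6 下線時間: `date -d today +%F_%T`" >> /var/log/pptpd.log
# Always report success so a logging problem never fails the hook itself.
exit 0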
[root@m01 ~]# sed -i '$i echo "$PEERNAME 分配IP: $5 登錄IP: $6 登錄時間: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-up
[root@m01 ~]# sed -i '$i echo "$PEERNAME 下線IP: $6 下線時間: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-down
[root@m01 ppp]# tail -F /var/log/pptpd.log
tail: cannot open `/var/log/pptpd.log' for reading: No such file or directory
tail: `/var/log/pptpd.log' has become accessible
oldboy 下線IP: 10.0.0.253 下線時間: 2017-07-27_11:28:13
oldboy 分配IP: 172.16.1.100 登錄IP: 10.0.0.253 登錄時間: 2017-07-27_11:28:31
sed -i '$i echo "$PEERNAME 分配IP: $5 登錄IP: $6 登錄時間: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-up
[root@m01 ~]# sed -i '$i echo "$PEERNAME 下線IP: $6 下線時間: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-down
[root@m01 ppp]# tail -F /var/log/pptpd.log
tail: cannot open `/var/log/pptpd.log' for reading: No such file or directory
tail: `/var/log/pptpd.log' has become accessible
oldboy 下線IP: 10.0.0.253 下線時間: 2017-07-27_11:28:13
oldboy 分配IP: 172.16.1.100 登錄IP: 10.0.0.253 登錄時間: 2017-07-27_11:28:31