Ubuntu 搭建VPN服务,pptpd安装配置(英文版) PPTP Server

摘要:Ubuntu 搭建VPN服务,pptpd安装配置(英文版) PPTP Server...

作者:LoveCode标签:ubuntu,ftp,pptpd

This guide has been tested with Ubuntu 12.4 Server.  


Setup PPTP Server

First we need to install pptp server using apt-get

# sudo apt-get install pptpd

Then we need to configure the pptpd.

# sudo nano /etc/pptpd.conf

Add server IP and client IP at the end of the file. You can add like below:

localip 192.168.0.1
remoteip 192.168.0.100-200

This sets up the PPTP server to use IP 192.168.0.1 while distributing the IP range 192.168.0.100 to 192.168.0.200 to PPTP clients. Change these as you wish as long as they are private IP addresses and do not conflict with IP addresses already used by your server.

Configure DNS servers to use when clients connect to this PPTP server

# sudo nano /etc/ppp/pptpd-options

Uncomment the ms-dns and add google like below or OpenDNS

ms-dns 8.8.8.8
ms-dns 8.8.4.4

Now add a VPN user in /etc/ppp/chap-secrets file.  

# sudo nano /etc/ppp/chap-secrets

The column is username. Second column is server name, you can put “pptpd” in there. Third column is password. The last column is the IP addresses, you can put * to allow all IP.

# client        server  secret                  IP addresses
username(username) *(servername) myPassword(password) * (IP addresses)

Finally start your server

# /etc/init.d/pptpd restart


Setup IP Forwarding

To enable IPv4 forward. Change /etc/sysctl.conf file, add forward rule below.

# sudo nano /etc/sysctl.conf

Uncomment the line

net.ipv4.ip_forward=1

Then reload the configuration

sudo sysctl -p

Add forward rule in iptables

# sudo nano /etc/rc.local

adding to the bottom just before the exit 0

iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -p tcp --syn -s 192.168.0.0/24 -j TCPMSS --set-mss 1356

This example is using 192.168.0 for its PPTP subnet. The second rule adjusts the MTU size :

You are done. Just reboot your server and you should be able to connect to using PPTPD and send all your traffic through this server.


//视频亲测可用:

1. Update and install pptpd

2. Network config - static IP, bridged vs NAT VPN
Network gateway address: 192.168.0.1
VPN server address: 192.168.0.220
client addresses: 192.168.0.221-225

3. Edit /etc/ppp/pptpd-options
#refuse-pap
#refuse-chap
#refuse-mschap
ms-dns 8.8.8.8 (DNS Server for VPN)

4. Edit /etc/pptpd.conf
localip 192.168.0.x
remoteip 192.168.0.y1-y2

5. Edit /etc/ppp/chap-secrets
Enter username, pptp server name, password, client IP

6. Edit /etc/sysctl.conf
Uncomment IPV4 Forward line (net.ipv4.ip_forward=1)

7. Install/configure ufw
sudo ufw allow 47
sudo ufw allow 1723
sudo ufw enable
(IP forwarding for NAT VPN setups)
/etc/default/ufw
DEFAULT_FORWARD_POLICY="ACCEPT"
/etc/ufw/before.rules
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
COMMIT

-A ufw-before-input -p 47 -j ACCEPT

8. Port forward (ports 47 and 1723) to IP of VPN server
CopyRight © 2017 荒山本的官方网站 粤ICP备16049175号 All Right Service 网站地图(xml) 网站地图(html)