Posts Tagged ‘VPN’

How to setup pptp vpn server on linux (fedora 14)


03 Aug

All as root:

1. Get ppp installed:

    yum install ppp ppp-devel

2. Get pptpd from http://poptop.sourceforge.net/yum/stable/fc14/x86_64/ (if you are not installing on fc14, just browse the parent folder and find the correct version yourself):

    wget http://poptop.sourceforge.net/yum/stable/fc14/x86_64/pptpd-1.3.4-2.fc14.x86_64.rpm

3. Install pptpd:

    rpm -ivh pptpd-1.3.4-2.fc14.x86_64.rpm

4. vim /etc/pptpd.conf

   Edit these 2 lines:

    localip 10.0.0.1
    remoteip 10.0.0.10-100

   (You can customize the IPs. The first one is for the host in your future virtual network and the second is the range for the guests.)

5. vim /etc/ppp/options.pptpd

   Edit the ms-dns lines:

    ms-dns 208.67.222.222
    ms-dns 208.67.220.220

   (DNS for the guests to use. These 2 are from OpenDNS. You can set whatever you like. 8.8.8.8 and 8.8.4.4 may also be a nice choice; they are Google's DNS.)

6. Set up user/password: vim /etc/ppp/chap-secrets

   Following the comments in the file, write something like this:

    username pptpd password *
    username2 pptpd password2 *

   (The * at the end means open access for all IPs. If you want to specify one, you can do so here.)

7. IP forwarding: vim /etc/sysctl.conf

   Edit this line:

    net.ipv4.ip_forward = 1

   To make this take effect:

    sysctl -p

8. iptables or firewall

   If you are using csf as I do, you will have to do this:

   Step 1. Create the file /etc/csf/csfpre.sh (vi /etc/csf/csfpre.sh) and enter the following text:

    iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
    iptables -A INPUT -i eth0 -p gre -j ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
    iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

   Save the file, then:

    chmod +x /etc/csf/csfpre.sh

   Step 2. Create the file /etc/csf/csfpost.sh (vi /etc/csf/csfpost.sh) and enter the following text:

    service pptpd stop
    service pptpd start

   Save the file, then:

    chmod +x /etc/csf/csfpost.sh

   Restart csf+lfd (web interface or command line). I also opened port 1723 in the csf.conf file, which might not be necessary.

   If you are not using csf, you just need to run the commands in the .sh files above. After a restart everything should work.

Reference:
http://blog.plite.org/neo_one2199/2011/04/03/installing-and-configuring-pptp-vpn-on-rhelcentos-5/
http://forum.configserver.com/viewtopic.php?p=8449

Various VPN methods: US VPN, Packetix, PopTop PPTP VPN Server, Windows7 or Windows Vista or Windows XP VPN Server Setup


11 Jun

Onion (Tor) has stopped working well lately, what a tragedy; the Celestial Empire really is powerful. I searched around for VPN stuff and am noting it down here.

The simplest option is of course one of the paid US VPN providers found online. There are many of them; the one my colleague uses seems decent: http://www.vpn98.com. Another one I came across myself: http://www.macrovpn.com/

The second option is a third-party VPN platform. A good one I found is http://www.packetix.net/en/vpn/, which is free and lets you build your own VPN. It mainly provides real VPN functionality rather than just getting over the wall. If you want to reach the outside network through one of the machines in the VPN, you also need to download and install the bridge tool from http://www.packetix.net/en/vpn/admin/vpnbridge.aspx. See the tutorial on the official site for details. Because you connect to their server, which acts as a kind of gateway, it is not fast.

The third option is of course to build your own VPN. I had a look: the PPTP VPN server is open source, http://www.poptop.org/. If you have contacts abroad you can ask them to help, and then it costs nothing, haha.

The Celestial Empire has been getting more and more ridiculous lately; many US hosts seem to be dropping packets badly. Sigh... what a world... are they trying to force me to go abroad...

———————————————win7 vpn server—————————————————

I just looked online, and setting Windows up as a VPN server seems very convenient:

Following are the steps for configuring Incoming VPN Connection in Windows 7

1. First go to Control Panel and open Network and Sharing Center.
2. Click on Change adapter settings.
3. Press Alt+F and select New Incoming connection.
4. Put a check on who you’d like to give access to this computer, or you can configure a new account by clicking on Add someone; after that click on Next.
5. Put a check mark on Through the Internet. Click on Next.
6. Select the protocols you want to enable for this connection. Click on Allow access.
7. Make a note of the Computer name, as this will be used by the client to connect to this computer, and after that click on Close.

I don't know whether it works well; I'll try it later... If it can connect to the US... unbeatable...

P.S. For XP and Vista, see here:
http://www.onecomputerguy.com/networking/xp_vpn_server.htm
http://www.onecomputerguy.com/networking/vista_vpn_server.htm

————————————poptop setup guide——————————————

I won't cover installation; there is plenty about it online, look it up yourself. On to configuration, which is a bit fiddly: I kept getting errors 619 and 809. I searched online and found the answer (From http://www.webhostingtalk.com/showthread.php?t=944722):

In /etc/pptpd.conf:

    localip [my VPS ip]
    remoteip 192.168.0.100-120

You can use any private IP range for the remote IP.

In /etc/ppp/pptpd-options:

    refuse-pap
    refuse-chap
    refuse-mschap
    require-mschap-v2
    require-mppe-128
    ms-dns 208.67.222.222
    ms-dns 208.67.220.220

You can use any DNS server you like; I used OpenDNS.

In /etc/ppp/chap-secrets:

    user1 * password1 *
    user2 * password2 *

Also be careful: between fields in the chap-secrets file use TAB. One of my problems was using Space instead of TAB.

In /etc/sysctl.conf:

    net.ipv4.ip_forward=1

Uncomment that line. It enables IP forwarding.

I also create a simple script for testing my iptables rules. You can add these rules to /etc/rc.local:

    iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
    iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
    iptables -A INPUT -i eth0 -p gre -j ACCEPT

and a Reboot!

That basically does it. Error 619 may also be caused by router settings; you can check the vpn98 FAQ. For installation and so on, see here: http://www.5dlinux.com/article/4/2007/linux_5328.html. For configuration, stick to the above. Good Luck!
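
An added example (not part of either post, and not pptpd's own tooling): a shell audit that checks a pppd options file for the authentication and encryption directives listed in the second post, and flags chap-secrets entries whose client-IP field is "*", which the first post describes as open access for all IPs. The function names and the sample files are constructed for illustration; the default paths are the ones named in the first post.

```shell
#!/bin/sh
# Added example: audit the pppd/pptpd settings discussed in the posts above.

# Print each hardening directive that is not set (uncommented) in an options file.
missing_options() {
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        # The directive must be the first word on the line, so "#refuse-pap"
        # and "refuse-mschap-v2" do not count as "refuse-pap"/"refuse-mschap".
        grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$1" || echo "$opt"
    done
}

# Print users whose 4th chap-secrets field (allowed client IPs) is "*".
# Assumes secrets contain no whitespace, so awk field splitting is valid.
wildcard_users() {
    awk 'NF && $1 !~ /^#/ && $4 == "*" { print $1 }' "$1"
}

# Report all findings; exit status is 0 only when there are none.
audit_pptp() {
    options=${1:-/etc/ppp/options.pptpd}
    secrets=${2:-/etc/ppp/chap-secrets}
    findings=0
    for opt in $(missing_options "$options"); do
        echo "options: '$opt' is not set in $options"
        findings=$((findings + 1))
    done
    for user in $(wildcard_users "$secrets"); do
        echo "secrets: '$user' may connect from any client IP (*)"
        findings=$((findings + 1))
    done
    echo "$findings finding(s)"
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not taken from a real server).
demo() {
    dir=$(mktemp -d)
    printf 'name pptpd\nrequire-mschap-v2\n#require-mppe-128\n' > "$dir/options.pptpd"
    printf 'alice\tpptpd\tsecret1\t*\nbob\tpptpd\tsecret2\t10.0.0.20\n' > "$dir/chap-secrets"
    audit_pptp "$dir/options.pptpd" "$dir/chap-secrets"
    rc=$?
    rm -rf "$dir"
    return "$rc"
}
demo || true
```

On a real server, call audit_pptp with the paths of the options file and chap-secrets in use; a non-zero exit status means at least one finding was printed.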
