1,检查是否开启PPP
#cat /dev/ppp cat: /dev/ppp: No such device or address //表示已经开启
2,安装ppp和iptables
#yum install ppp
3,安装pptp
# rpm -ivh ftp://ftp.icm.edu.pl/vol/rzm5/linux-fedora/linux/epel/6/i386/pptpd-1.4.0-3.el6.i686.rpm
4,配置pptp
去掉“#”使102,103行生效
# vim /etc/pptpd.conf
101 # (Recommended) 102 localip 192.168.0.1 103 remoteip 192.168.0.234-238,192.168.0.245 104 # or 105 #localip 192.168.0.234-238,192.168.0.245 106 #remoteip 192.168.1.234-238,192.168.1.245
更改dns
# vim /etc/ppp/options.pptpd
38 # Require MPPE 128-bit encryption
39 # (note that MPPE requires the use of MSCHAP-V2 during authentication)
40 #require-mppe-128 //注释掉
61 # If pppd is acting as a server for Microsoft Windows clients, this 62 # option allows pppd to supply one or two DNS (Domain Name Server) 63 # addresses to the clients. The first instance of this option 64 # specifies the primary DNS address; the second instance (if given) 65 # specifies the secondary DNS address. 66 ms-dns 8.8.8.8 //更改为谷歌DNS 67 ms-dns 8.8.4.4
5,添加vpn账号,密码
# vim /etc/ppp/chap-secrets # Secrets for authentication using CHAP # client server secret IP addresses
用户名 pptpd 密码 *
6,修改内核设置,使其支持转发
net.ipv4.ip_forward = 1 #net.ipv4.tcp_syncookies = 1 //注释掉
7,配置iptables转发规则
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source "vpsIP"
iptables service save
8,设置pptp和iptables开机自启动
#chkconfig pptpd on #chkconfig iptables on
#service pptpd restart
#service iptables restart