network-service:setup-pptp
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revisionLast revisionBoth sides next revision | ||
network-service:setup-pptp [2010/05/29 15:33] – created percy | network-service:setup-pptp [2010/05/29 19:17] – percy | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== PPTP VPN配置说明 ====== | ====== PPTP VPN配置说明 ====== | ||
之前只配置过OpenVPN, | 之前只配置过OpenVPN, | ||
+ | |||
+ | ====== 安装pptpd ====== | ||
先要安装PPTP服务器端软件 | 先要安装PPTP服务器端软件 | ||
+ | #安装 | ||
emerge pptpd | emerge pptpd | ||
+ | #启动 | ||
/ | / | ||
Line 9: | Line 13: | ||
pptpd -c / | pptpd -c / | ||
| | ||
+ | ====== 查看pptpd端口 ====== | ||
+ | |||
可以用下面两个命令来查看PPTPD的运行情况 | 可以用下面两个命令来查看PPTPD的运行情况 | ||
sudo netstat -nutap |grep pptp | sudo netstat -nutap |grep pptp | ||
Line 14: | Line 20: | ||
前一个是查看端口,后一个是查看pptpd是否在运行。 | 前一个是查看端口,后一个是查看pptpd是否在运行。 | ||
- | ===== 配置文件 ===== | + | ====== 配置文件 ====== |
+ | pptpd主要涉及到三个配置文件,/ | ||
+ | |||
+ | ===== / | ||
pptpd的主要配置文件是/ | pptpd的主要配置文件是/ | ||
Line 22: | Line 32: | ||
< | < | ||
option / | option / | ||
- | debug | + | debug # |
noipparam | noipparam | ||
logwtmp | logwtmp | ||
connections 100 | connections 100 | ||
- | localip 192.168.0.112 | + | localip 192.168.0.1 # |
- | remoteip 192.168.0.234-238, | + | remoteip 192.168.0.234-238, |
- | </ | + | </ |
+ | |||
+ | ===== options.pptpd ===== | ||
+ | |||
+ | 第二个配置文件是 / | ||
+ | |||
+ | 查看我当前的配置文件 : | ||
+ | gentoo-pjq etc # cat ppp/ | ||
+ | < | ||
+ | name pptpd | ||
+ | refuse-pap | ||
+ | refuse-chap | ||
+ | refuse-mschap | ||
+ | require-mschap-v2 | ||
+ | require-mppe-128 | ||
+ | ms-dns | ||
+ | proxyarp | ||
+ | debug # | ||
+ | dump | ||
+ | lock | ||
+ | nobsdcomp | ||
+ | novj | ||
+ | novjccomp | ||
+ | nologfd | ||
+ | logfile / | ||
+ | </ | ||
+ | 由于使用了MPPE,需要手动加载mppe模块 | ||
+ | modprobe ppp_mppe | ||
+ | |||
+ | 查看下我当前加载的模块 | ||
+ | gentoo-pjq etc # lsmod | ||
+ | < | ||
+ | Module | ||
+ | sha1_generic | ||
+ | ppp_mppe | ||
+ | ppp_async | ||
+ | crc_ccitt | ||
+ | ppp_generic | ||
+ | slhc 3327 1 ppp_generic | ||
+ | vboxdrv | ||
+ | nvidia | ||
+ | </ | ||
+ | |||
+ | ===== chap-secrets ===== | ||
+ | |||
+ | 第三个配置文件/ | ||
+ | |||
+ | 在这个文件里添加用户名,密码 | ||
+ | gentoo-pjq etc # cat ppp/ | ||
+ | |||
+ | 999 * 999 * | ||
+ | # added by pptpsetup for mypptp | ||
+ | 999 mypptp " | ||
+ | |||
+ | 其中999 * 999 *是pptp服务器的配置,依次是 | ||
+ | 用户名 | ||
+ | |||
+ | 而999 mypptp " | ||
+ | |||
+ | ===== 客户端用pptpsetup生成配置文件 ===== | ||
+ | 最简单的生成命令是 | ||
+ | pptpsetup -create mypptp -server 192.168.0.156 -username 999 -password 999 -encrypt | ||
+ | 如果提示没有目录的话,需要手动创建peers目录 | ||
+ | mkdir / | ||
+ | 使用这条pptpsetup命令会在peers下生成mypptp文件 | ||
+ | gentoo-pjq etc # cat ppp/ | ||
+ | < | ||
+ | # written by pptpsetup | ||
+ | pty "pptp 192.168.0.156 --nolaunchpppd" | ||
+ | lock | ||
+ | noauth | ||
+ | nobsdcomp | ||
+ | nodeflate | ||
+ | name 999 | ||
+ | remotename mypptp | ||
+ | ipparam mypptp | ||
+ | require-mppe-128 | ||
+ | </ | ||
+ | 同时在chap-secrets中添加一条配置信息,也就是上面说的: | ||
+ | # added by pptpsetup for mypptp | ||
+ | 999 mypptp " | ||
+ | |||
+ | 之后如果需要启动mypptp,可以用如下命令 | ||
+ | pon mypptp | ||
+ | # | ||
+ | poff mypptp | ||
+ | |||
+ | ====== 查看LOG ====== | ||
+ | 前面我已经把debug模式打开了,并指定的log文件,所以可以用tail命令来查看log | ||
+ | tail -f / | ||
+ | 除此之外,还可以查看系统messages: | ||
+ | tail -f / | ||
+ | 以上这两种方法都可以查看到pptpd的log. | ||
+ | |||
+ | |||
+ | ====== 修改端口 ====== | ||
+ | pptp的默认端口是1723, | ||
+ | |||
+ | Google了一下如何修改端口,没有找到很有效的信息: | ||
+ | http:// | ||
+ | |||
+ | http:// | ||
+ | |||
+ | 试了这两个方法,好像都没用,先记下再说: | ||
+ | |||
+ | 1.先修改服务器的端口 | ||
+ | vim / | ||
+ | 找1723, | ||
+ | pptp 1195/tcp | ||
+ | pptp 1195/udp | ||
+ | 改成想要的端口。 | ||
+ | |||
+ | 2.修改Windows上的端口 | ||
+ | < | ||
+ | 以管理员身份运行 regedit , | ||
+ | </ | ||
+ | |||
+ | 很遗憾照着这个修改,好像没起到什么作用。 | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
| | ||
/var/www/dokuwiki/wiki/data/pages/network-service/setup-pptp.txt · Last modified: 2016/05/05 13:07 by 127.0.0.1