To install a PPTP server on CentOS, first install the repo package:
rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
Now install PPTPD
yum -y install pptpd
Now edit /etc/pptpd.conf and add the following lines:
localip 192.168.10.1
remoteip 192.168.10.100-200
Here localip is the IP address of the server and remoteip is the range of IPs that will be assigned to clients that connect to it.
Now set up authentication for PPTP by adding users and passwords.
Simply add them to /etc/ppp/chap-secrets:
user1 pptpd "password" *
Add DNS servers to /etc/ppp/pptpd-options:
ms-dns 8.8.8.8
ms-dns 8.8.4.4
Now restart pptpd so the new settings take effect:
service pptpd restart
Verify that it is running and accepting connections:
netstat -alpn | grep :1723
Now enable forwarding. Simply edit /etc/sysctl.conf and add the following line if it doesn’t exist there already:
net.ipv4.ip_forward = 1
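To make the change active, run:
sysctl -p
Now create a NAT rule for iptables (venet0 is the outbound interface here; use the name of your own outbound interface if it differs):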
iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
If you would also like your PPTP clients to talk to each other, add the following iptables rules:
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 192.168.10.0/24 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface venet0 -j ACCEPT
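Now save the iptables rules so they survive a reboot (iptables-save on its own only prints the rules to the terminal):
service iptables save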
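A check to run after the steps above (an added example, not part of the original guide): it audits the chap-secrets and pptpd-options files for weak entries and for missing pppd authentication and encryption options. The function names, the 12-character minimum and the sample file contents are assumptions made for this example.

```shell
#!/bin/sh
# Added example: read-only audit of the PPTP files edited in this guide.
# File paths are passed as arguments, so it can be run against copies.

# chap-secrets fields: client  server  secret  allowed-IP
# Simple parser: assumes the secret contains no spaces.
audit_chap_secrets() {
    awk '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        {
            secret = $3; gsub(/^"|"$/, "", secret)
            if (length(secret) < 12)         # 12 is an assumed minimum
                print "WEAK_SECRET user=" $1
            if ($4 == "*")                   # no source-address restriction
                print "ANY_SOURCE user=" $1
        }' "$1"
}

# Report pppd options that restrict authentication to MS-CHAPv2 and
# require 128-bit MPPE but are absent from the options file.
audit_ppp_options() {
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        grep -Eq "^[[:space:]]*$opt([[:space:]]|\$)" "$1" || echo "MISSING_OPTION $opt"
    done
}

# Succeed only if group and others have no permissions on the file.
secrets_mode_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample files mirroring the entries shown in this guide.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' 'user1 pptpd "password" *' \
              'user2 pptpd "c0rrect-h0rse-battery" 192.168.10.101' > "$demo/chap-secrets"
printf '%s\n' 'ms-dns 8.8.8.8' 'ms-dns 8.8.4.4' 'require-mschap-v2' > "$demo/pptpd-options"
chmod 644 "$demo/chap-secrets"

audit_chap_secrets "$demo/chap-secrets"
audit_ppp_options "$demo/pptpd-options"
secrets_mode_ok "$demo/chap-secrets" || echo "BAD_MODE chap-secrets should be mode 600"
```

On the server itself, call the three functions with /etc/ppp/chap-secrets and /etc/ppp/pptpd-options instead of the sample files.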