配置文件详解
| 需要编辑的文件 | 需要添加的内容 | 作用 |
|---|---|---|
| /etc/pptpd.conf | localip 192.168.0.1<br>remoteip 192.168.1.234-238 | 分配用户ip |
| /etc/ppp/chap-secrets | 格式:<br>用户名1 pptpd 密码1 *<br>用户名2 pptpd 密码2 * | 设置用户名和密码 |
| /etc/ppp/pptpd-options | ms-dns 8.8.8.8<br>ms-dns 8.8.4.4 | 添加dns |
| /etc/sysctl.conf | net.ipv4.ip_forward = 1 | 设置ip地址转发 |
首先要检查VPS是否能安装pptpd:确认TUN和PPP是否已开启。
cat /dev/net/tun
- 返回内容必须如下:
cat: /dev/net/tun: File descriptor in bad state
查看ppp
cat /dev/ppp
- 返回内容必须如下:
cat: /dev/ppp: No such device or address
安装pptp
apt-get install pptpd
一键脚本:
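#!/bin/bash
# Interactive PoPToP install script for an OpenVZ VPS
# Tested on Debian 5, 6, and Ubuntu 11.04
# April 2, 2013 v1.11
# Author: Commander Waffles
# http://www.putdispenserhere.com/pptp-debian-ubuntu-openvz-setup-script/
#
# Option 1 installs pptpd, writes its configuration, enables IPv4 forwarding
# and NAT, and creates the first user. Option 2 only appends another user to
# /etc/ppp/chap-secrets.
#
# Security notes for operators:
#   - PPTP relies on MS-CHAPv2 + MPPE. MS-CHAPv2 has well-known practical
#     attacks, so do not rely on this tunnel for confidentiality; prefer a
#     modern VPN (WireGuard, OpenVPN, IPsec) where possible.
#   - Passwords are stored in clear text in /etc/ppp/chap-secrets and are
#     printed to the terminal at the end of the run.

readonly CHAP_SECRETS=/etc/ppp/chap-secrets
# Address range handed to clients, and the subnet that contains it. The NAT
# rule is limited to this subnet so only tunnel traffic is rewritten.
readonly VPN_REMOTE_RANGE="10.1.0.1-100"
readonly VPN_CLIENT_NET="10.1.0.0/24"
readonly RULER="######################################################"

# Print a message to stderr and stop.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print a blank line followed by a framed section title.
banner() {
  echo
  echo "$RULER"
  echo "$1"
  echo "$RULER"
}

# Succeeds only for values that are safe to write as one chap-secrets field.
# The file is whitespace-delimited, treats quotes/backslashes/# specially, and
# a "*" client name matches every user, so all of those are rejected.
is_safe_field() {
  case "$1" in
    '' | *[[:space:]\"\'\\#*]*) return 1 ;;
  esac
  return 0
}

# Ask for the new account's name and password; sets the globals u and p.
prompt_credentials() {
  echo "Enter username that you want to create (eg. client1 or john):"
  read -r u
  echo "Specify password that you want the server to use:"
  read -r p
  is_safe_field "$u" ||
    die "Invalid username: it must be non-empty and must not contain whitespace, quotes, backslashes, '#' or '*'."
  is_safe_field "$p" ||
    die "Invalid password: it must be non-empty and must not contain whitespace, quotes, backslashes, '#' or '*'."
  # pppd reads a secret that starts with '@' from the named file instead.
  case "$p" in
    @*) die "Invalid password: it must not start with '@'." ;;
  esac
}

# Print the address of venet0:0 (empty output when it cannot be determined).
detect_ip() {
  ifconfig venet0:0 | grep 'inet addr' | awk '{print $2}' | sed 's/.*://'
}

# Append one "<user> * <password> *" entry to chap-secrets.
# Arguments: $1 - username, $2 - password
add_user() {
  # The file holds clear-text passwords: keep it readable by root only.
  touch "$CHAP_SECRETS" || die "Cannot create $CHAP_SECRETS"
  chmod 600 "$CHAP_SECRETS" || die "Cannot restrict permissions on $CHAP_SECRETS"
  printf '%s * %s *\n' "$1" "$2" >> "$CHAP_SECRETS" ||
    die "Cannot write to $CHAP_SECRETS"
}

# Option 1: install and configure pptpd, then create the first user.
setup_server() {
  prompt_credentials

  # get the VPS IP; stop before touching the system if it cannot be found,
  # otherwise pptpd.conf and the SNAT rule would be written with an empty value
  ip=$(detect_ip)
  [[ "$ip" =~ ^[0-9]+(\.[0-9]+){3}$ ]] ||
    die "Could not determine the IPv4 address of venet0:0, aborting."

  banner "Downloading and Installing PoPToP"
  apt-get update || echo "Warning: apt-get update reported errors." >&2
  apt-get -y install pptpd || die "Installing pptpd failed, aborting."

  banner "Creating Server Config"
  cat > /etc/ppp/pptpd-options <<'END'
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
nodefaultroute
lock
nobsdcomp
END

  # setting up pptpd.conf
  {
    echo "option /etc/ppp/pptpd-options"
    echo "logwtmp"
    echo "localip $ip"
    echo "remoteip $VPN_REMOTE_RANGE"
  } > /etc/pptpd.conf

  # adding new user
  add_user "$u" "$p"

  banner "Forwarding IPv4 and Enabling it on boot"
  # Append the setting only once so repeated runs do not pile up duplicates.
  if ! grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' /etc/sysctl.conf; then
    echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
  fi
  sysctl -p

  banner "Updating IPtables Routing and Enabling it on boot"
  # Rewrite only traffic that originates from VPN clients.
  iptables -t nat -A POSTROUTING -s "$VPN_CLIENT_NET" -j SNAT --to-source "$ip" ||
    die "Adding the SNAT rule failed, aborting."
  # saves iptables routing rules and enables them on-boot
  iptables-save > /etc/iptables.conf
  cat > /etc/network/if-pre-up.d/iptables <<'END'
#!/bin/sh
iptables-restore < /etc/iptables.conf
END
  chmod +x /etc/network/if-pre-up.d/iptables

  # pppd passes the interface name to ip-up as $1; using it instead of a
  # fixed ppp0 applies the MTU to every client link (ppp1, ppp2, ...).
  # NOTE(review): assumes the distribution's ip-up leaves "$1" untouched.
  if ! grep -qF 'ifconfig "$1" mtu 1400' /etc/ppp/ip-up 2>/dev/null; then
    cat >> /etc/ppp/ip-up <<'END'
ifconfig "$1" mtu 1400
END
  fi

  banner "Restarting PoPToP"
  sleep 5
  /etc/init.d/pptpd restart

  echo
  echo "$RULER"
  echo "Server setup complete!"
  echo "Connect to your VPS at $ip with these credentials:"
  echo "Username:$u ##### Password: $p"
  echo "$RULER"
}

# Option 2: add one more user to an already configured server.
add_extra_user() {
  prompt_credentials
  # get the VPS IP (only used for the summary below)
  ip=$(detect_ip)
  # adding new user
  add_user "$u" "$p"
  echo
  echo "$RULER"
  echo "Addtional user added!"
  echo "Connect to your VPS at $ip with these credentials:"
  echo "Username:$u ##### Password: $p"
  echo "$RULER"
}

echo "$RULER"
echo "Interactive PoPToP Install Script for an OpenVZ VPS"
echo
echo "Make sure to contact your provider and have them enable"
echo "IPtables and ppp modules prior to setting up PoPToP."
echo "PPP can also be enabled from SolusVM."
echo
echo "You need to set up the server before creating more users."
echo "A separate user is required per connection or machine."
echo "$RULER"
echo
echo
echo "$RULER"
echo "Select on option:"
echo "1) Set up new PoPToP server AND create one user"
echo "2) Create additional users"
echo "$RULER"

# Every step below writes under /etc or changes kernel/netfilter state.
[ "$(id -u)" -eq 0 ] || die "This script must be run as root."

read -r x
case "$x" in
  1) setup_server ;;
  # runs this if option 2 is selected
  2) add_extra_user ;;
  *)
    echo "Invalid selection, quitting."
    exit 1
    ;;
esac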
iptables配置:
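# NAT traffic that leaves through eth0. The -C check keeps repeated runs from
# stacking duplicate MASQUERADE rules.
# NOTE(review): the rule is not limited by source address; adding
# "-s <VPN_CLIENT_SUBNET>" (placeholder) would restrict NAT to tunnel clients.
# iptables-save only prints the ruleset to stdout; redirect it to a file and
# restore that file at boot if the rule has to survive a reboot.
{ iptables -t nat -C POSTROUTING -o eth0 -j MASQUERADE 2>/dev/null ||
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; } && iptables-save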
使用PPTP时要注意网卡转发时的MTU值
在Ubuntu系统连接VPN时,服务器端显示mtu值为1496,可以正常连接网站
但是在windows系统连接时,服务器端显示mtu值为1396,只有部分网站能正常打开
解决方法为在/etc/ppp/下创建ip-up.local脚本
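#!/bin/bash
# /etc/ppp/ip-up.local: set the MTU of the PPP link that has just come up.
# $1 is expected to be the interface name (pppd passes it as the first
# argument to ip-up).
# NOTE(review): confirm that your distribution's ip-up forwards its arguments
# to ip-up.local.
export PATH=/sbin:/usr/sbin:/bin:/usr/bin

# Without an interface name ifconfig would be called with a malformed
# argument list, so stop with a clear message instead.
if [ -z "$1" ]; then
  echo "ip-up.local: no interface name given" >&2
  exit 1
fi

ifconfig "$1" mtu 1496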