Configuring pptpd on CentOS 7

Install the required service components

yum install -y ppp pptpd 
yum install -y iptables iptables-services

First, edit /etc/ppp/options.pptpd. Find the network and routing section and set ms-dns to 8.8.8.8 and 8.8.4.4

# Network and Routing

# If pppd is acting as a server for Microsoft Windows clients, this
# option allows pppd to supply one or two DNS (Domain Name Server)
# addresses to the clients.  The first instance of this option
# specifies the primary DNS address; the second instance (if given)
# specifies the secondary DNS address.
ms-dns 8.8.8.8
ms-dns 8.8.4.4

Next, create the PPTP user by editing /etc/ppp/chap-secrets

# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
your_username * your_password *

Next, edit /etc/pptpd.conf and uncomment the localip and remoteip lines

# (Recommended)
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245

Next, edit /etc/sysctl.conf to allow IP forwarding by adding net.ipv4.ip_forward=1 to the end of the file

# System default settings live in /usr/lib/sysctl.d/00-system.conf.
# To override those settings, enter new settings here, or in an /etc/sysctl.d/<name>.conf file
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward=1

Apply the configuration

sysctl -p
systemctl restart pptpd.service
systemctl enable pptpd.service

The pptpd configuration is now complete. Next, use iptables to configure the forwarding rules. First, disable firewalld

systemctl stop firewalld
systemctl mask firewalld

Add the iptables rules

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1723 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE

Save the rules

service iptables save
service iptables start
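
To confirm the files edited above ended up in the intended state, the following shell function audits them. It is an added example, not part of the original post; the function names and the ROOT parameter are assumptions, and it additionally checks that chap-secrets (which stores passwords in plaintext) is not readable by group or others and that the template account was replaced.

```sh
# Added example, not from the original post. ROOT is an assumed parameter:
# "/" on the server, or a directory holding a copy of its etc/ tree.
# Usage: audit_pptpd /

# has_setting FILE REGEX: true if FILE has an uncommented line matching REGEX.
has_setting() {
    [ -f "$1" ] && grep -Eq "^[[:space:]]*$2" "$1"
}

# audit_pptpd ROOT: print one line per finding; return 0 only if there are none.
audit_pptpd() {
    root=${1:-/}; root=${root%/}; fail=0

    has_setting "$root/etc/ppp/options.pptpd" 'ms-dns[[:space:]]+[0-9.]+' ||
        { echo "options.pptpd: no active ms-dns line"; fail=1; }

    for key in localip remoteip; do
        has_setting "$root/etc/pptpd.conf" "$key[[:space:]]+[0-9]" ||
            { echo "pptpd.conf: $key is missing or still commented"; fail=1; }
    done

    has_setting "$root/etc/sysctl.conf" \
        'net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' ||
        { echo "sysctl.conf: net.ipv4.ip_forward=1 is not set"; fail=1; }

    secrets="$root/etc/ppp/chap-secrets"
    if [ -f "$secrets" ]; then
        # Characters 5-10 of the ls mode string are the group/other bits.
        perms=$(ls -ld "$secrets" | cut -c5-10)
        [ "$perms" = "------" ] ||
            { echo "chap-secrets: group/other bits are '$perms', expected mode 600"; fail=1; }
        # The template line from the guide must not stay in the file.
        if grep -Eq '^[[:space:]]*your_username[[:space:]]' "$secrets"; then
            echo "chap-secrets: placeholder account your_username present"; fail=1
        fi
    else
        echo "chap-secrets: file not found"; fail=1
    fi
    return $fail
}
```
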
