How to configure a PPTP server on Linux

  • 2020-05-15 03:19:03
  • OfStack

1. Verify whether the kernel loads the MPPE module:

modprobe ppp-compress-18 && echo MPPE is ok

2. Install the required software package:

yum -y install ppp
wget ftp://rpmfind.net/linux/epel/7/x86_64/p/pptpd-1.4.0-2.el7.x86_64.rpm
rpm -ivh pptpd-1.4.0-2.el7.x86_64.rpm

3. Edit the PPP and PPTP configuration files:

grep '^[^#]' /etc/ppp/options.pptpd
vi /etc/ppp/options.pptpd


name pptpd
#refuse-pap
#refuse-chap
#refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd

vi /etc/ppp/chap-secrets


username  pptpd  passwd  *

vi /etc/pptpd.conf


option /etc/ppp/options.pptpd
logwtmp
localip 192.168.0.1
remoteip 192.168.0.207-217
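
The shell function below is an added example, not part of the original article. It checks the two files edited in step 3: that require-mschap-v2 and require-mppe-128 are active lines, that chap-secrets (which stores plaintext passwords) is not accessible to group or other, and which accounts use "*" in the address field. The function names, finding labels and sample files are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit the files edited in step 3.

# Print the active (non-comment, non-blank) lines of a config file.
active_lines() {
    grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$1"
}

# audit_pptpd OPTIONS_FILE SECRETS_FILE
# Prints one finding per line; returns 0 when there are none, 1 otherwise.
audit_pptpd() {
    opts=$1; secrets=$2; findings=""
    nl='
'
    # The page's authentication/encryption settings must be active lines.
    for want in require-mschap-v2 require-mppe-128; do
        active_lines "$opts" | grep -qx "[[:space:]]*$want[[:space:]]*" ||
            findings="${findings}MISSING $want$nl"
    done
    # chap-secrets holds plaintext passwords: no group/other access allowed.
    perms=$(ls -ld "$secrets" | cut -c5-10)
    [ "$perms" = "------" ] || findings="${findings}PERMS $secrets$nl"
    # Field 4 lists the IP addresses the client may use; "*" permits any.
    for user in $(active_lines "$secrets" | awk '$4 == "*" { print $1 }'); do
        findings="${findings}ANYADDR $user$nl"
    done
    printf '%s' "$findings"
    [ -z "$findings" ]
}

# Constructed sample files mirroring the page's step 3 (not real credentials).
demo_dir=$(mktemp -d)
printf '%s\n' 'name pptpd' '#refuse-pap' 'require-mschap-v2' \
    'require-mppe-128' 'ms-dns 8.8.8.8' > "$demo_dir/options.pptpd"
printf '%s\n' '# client server secret IP' 'username  pptpd  passwd  *' \
    > "$demo_dir/chap-secrets"
chmod 644 "$demo_dir/chap-secrets"
audit_pptpd "$demo_dir/options.pptpd" "$demo_dir/chap-secrets" || true
```

On a real server the call would be audit_pptpd /etc/ppp/options.pptpd /etc/ppp/chap-secrets, run as root so both files are readable.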

4. Enable IP forwarding in the kernel:

vi /etc/sysctl.conf


net.ipv4.ip_forward = 1

/sbin/sysctl -p

5. Configure the firewall and NAT forwarding:


yum install iptables-services
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl enable iptables.service
systemctl start iptables.service

Enable NAT (masquerading) for the VPN subnet:


iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE
service iptables save
service iptables restart

Open TCP port 1723 and the GRE protocol:


iptables -A INPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p gre -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE

Add rules:


iptables -A INPUT -p gre -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -o eno16777736 -j ACCEPT
iptables -A FORWARD -d 192.168.0.0/24 -i eno16777736 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eno16777736 -j MASQUERADE
service iptables save

Start the service, enable it at boot, and check its status:


systemctl start pptpd
systemctl enable pptpd
systemctl status pptpd

6. View pptpd service processes and ports:


# ps -ef | grep pptpd
root   25100   1 0 14:19 ?    00:00:00 /usr/sbin/pptpd -f
root   25463 24275 0 14:52 pts/0  00:00:00 grep --color=auto pptpd
# netstat -nutap | grep pptpd
tcp    0   0 0.0.0.0:1723      0.0.0.0:*        LISTEN   25100/pptpd 
