Shulou(Shulou.com)06/02 Report--

This article will explain in detail the methods of building pptpd services on ubuntu16.04. The editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

Port 1723 and gre protocol are required to build pptp vpn.

1. Aliyun has a security group that needs an open port to access, and new security group rules need to be added.

Log in to the Ali CVM management console, and add security group rules. Enter / exit directions and enter the port range as 1723 / 1723 as shown in the figure.

two。 At the same time, port 1723 should be opened inside the server, which will be discussed later.

Second, install pptp

Sudo apt-get install pptpd

3. Configure pptp

1. Configure the host ip and the ip pool assigned by the devices connecting to the host

Sudo vim / etc/pptpd.conf # remove 9699 as shown in the picture

two。 Configure dns resolution

The public dns of sudo vim / etc/ppp/pptpd-options # excluding 58 and 5 years Aliyun is 223.6.6.6 and 223.5.5.5, so the figure is as follows

3. Configure login users

Sudo vim / etc/ppp/chap-secrets # add user (user name) pptpd (protocol) password (password) ip addresses separated by tab at the end, and multiple addresses can be set

4. Enable ip forwarding function

Sudo vim / etc/sysctl.conf

The # without net.ipv4.ip_forward=1 is roughly on line 25.

Update sudo sysctl-p

Open port 1723 of the server and open the gre protocol

Installation of iptable iptable is in charge of ip and firewall

Sudo apt-getinstall iptables

Sudo iptables-An INPUT-p tcp-- dport 1723-j ACCEPT # Open port 1723

Sudo iptables-An INPUT-p gre-j ACCEPT # enables gre protocol

6. Enable NAT forwarding

Sudo iptables-t nat-A POSTROUTING-s 192.168.0.1 hand 24-o ens3-j MASQUERADE

Where 192.168.0.1 ip 24 is the subnet mask that sets the host.

Ens3 is the name of the server network card, which can be viewed through ifconfig.

Sudo iptables-save saved and effective

Restart pptpd to make it effective

Service pptpd restart

Note:

1. I also used the sudo ufw allow 1723/tcp command to open port 1723

2. When logging in to vpn, the server address is the public network address, the user name and password are the user and password configured in step 3.

This is the end of this article on "how ubuntu16.04 builds pptpd services". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.