
Installing pptpd on CentOS 7 (using the iptables firewall)

2025-04-02 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

1. System setup

Disable SELinux

    [root@TW2 system]# cat /etc/selinux/config
    SELINUX=disabled

Check whether the kernel supports MPPE (the ppp-compress-18 module)

    [root@TW2 system]# modprobe ppp-compress-18 && echo yes
    yes

2. Install pptp

    [root@TW2 system]# yum -y update
    [root@TW2 system]# yum install pptpd pptp -y

Configuration:

    [root@TW2 system]# cat /etc/pptpd.conf | grep -v "#" | grep -v "^$"
    option /etc/ppp/options.pptpd
    logwtmp
    localip 192.168.36.1
    remoteip 192.168.36.100-238
    [root@TW2 system]# cat /etc/ppp/options.pptpd | grep -v "#" | grep -v "^$"
    name pptpd
    refuse-pap
    refuse-chap
    refuse-mschap
    require-mschap-v2
    require-mppe-128
    ms-dns 8.8.8.8
    ms-dns 8.8.4.4
    proxyarp
    lock
    nobsdcomp
    novj
    novjccomp
    nologfd
    [root@TW2 system]# cat /etc/ppp/chap-secrets
    # Secrets for authentication using CHAP
    # client server secret IP addresses
    test pptpd test1 *

If the client dials in successfully, the local address of the server is 192.168.36.1.

Clients are assigned an IP from 192.168.36.100-238. DNS: 8.8.8.8

All of the above is very simple; the detour is installing iptables, below.

3. Set up a firewall

Turn off firewalld, because NAT rules are easier to write with iptables than with firewalld.

    [root@TW2 ~]# systemctl stop firewalld
    [root@TW2 system]# systemctl disable firewalld

Install iptables. Note that you need to install the iptables-services package; at first I ran yum -y install iptables and could not find a service to start.

    [root@TW2 system]# yum install iptables-services
    [root@TW2 system]# systemctl enable iptables
    [root@TW2 system]# systemctl start iptables

Add the following on top of the other rules:

    [root@TW2 system]# iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
    [root@TW2 system]# iptables -A INPUT -i eth0 -p tcp --dport 47 -j ACCEPT
    [root@TW2 system]# iptables -I INPUT -p gre -j ACCEPT
    [root@TW2 system]# iptables -t nat -A POSTROUTING -s 192.168.36.0/255.255.255.0 -j SNAT --to-source 103.*

103.* is your server's IP, and the last rule is for forwarding (source NAT for the VPN subnet).

CentOS 7 does not have /etc/init.d/iptables save for saving the rules. Use the following command to save the rules to a file; otherwise the iptables rules are gone after the machine restarts. On a machine restart or systemctl restart iptables, the configuration is read back from that file.

    [root@TW2 system]# iptables-save > /etc/sysconfig/iptables
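The tcp/1723 rule above is appended with -A while the GRE rule is inserted with -I, so where each one lands relative to an existing catch-all REJECT decides whether it ever matches. The following is an added example, not part of the original article, that audits a saved ruleset for that ordering and for the SNAT rule; the function names, the sample ruleset (which assumes INPUT already ends in a catch-all REJECT) and the address 203.0.113.10 standing in for 103.* are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format: the page's rules applied to a
# ruleset whose INPUT chain ends in a catch-all REJECT (assumed, not from the page).
sample_ruleset() {
cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.36.0/24 -j SNAT --to-source 203.0.113.10
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p gre -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eth0 -p tcp -m tcp --dport 1723 -j ACCEPT
COMMIT
EOF
}

# Reads a saved ruleset on stdin, prints one line per check, and returns the
# number of failed checks as its exit status.
check_pptp_rules() {
awk '
/^\*/ { table = substr($0, 2); next }
table == "filter" && /^-A INPUT / {
    n++
    if (/^-A INPUT -j (REJECT|DROP)/ && !term) term = n   # unconditional catch-all
    if (/-p tcp/ && /--dport 1723( |$)/ && /-j ACCEPT/ && !ctl) ctl = n
    if (/-p (gre|47)( |$)/ && /-j ACCEPT/ && !gre) gre = n
}
table == "nat" && /^-A POSTROUTING / && /-s 192\.168\.36\.0\/24 / && /-j SNAT/ { nat = 1 }
function report(name, pos) {
    if (!pos) { print "FAIL " name ": no ACCEPT rule"; bad++ }
    else if (term && pos > term) { print "FAIL " name ": shadowed by catch-all at INPUT rule " term; bad++ }
    else print "OK   " name ": INPUT rule " pos
}
END {
    report("tcp/1723", ctl); report("gre", gre)
    if (nat) print "OK   nat: SNAT for 192.168.36.0/24"
    else { print "FAIL nat: no SNAT for 192.168.36.0/24"; bad++ }
    exit bad + 0
}'
}

sample_ruleset | check_pptp_rules || echo "$? check(s) failed"
```

On a real server, run it as `check_pptp_rules < /etc/sysconfig/iptables` after saving the rules.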
