Alibaba Cloud builds L2TP

There are currently four main VPN tunneling protocols: Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), the network-layer tunneling protocol IPSec, and SOCKS v5. Only PPTP is covered here.

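How the PPTP protocol works
PPTP uses a TCP connection to maintain the tunnel and uses Generic Routing Encapsulation (GRE) to encapsulate the data as PPP frames that are sent through the tunnel. The payload of the encapsulated PPP frames can be encrypted or compressed.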

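Environment preparation

CentOS 7 server (here I use Alibaba Cloud, with a VPC network.)

Windows 10 client (used to test ***)

1. Check whether the server supports the PPTP protocol
    # Prints "ok" if the MPPE kernel module (alias ppp-compress-18) can be loaded
    modprobe ppp-compress-18 && echo ok

2. Disable the firewall
    systemctl stop firewalld.service
    systemctl disable firewalld.service

3. Update the yum source and install the software packages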

    yum install epel-release -y

    yum install ppp pptpd ppp-devel iptables iptables-services -y

4. Modify the configuration files
vim /etc/pptpd.conf
# Intranet IP address (the server's eth0 network card address, not the server's public address)
localip 192.168.0.1
# Custom address range assigned to clients
remoteip 192.168.0.10-150

vim /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 223.5.5.5
ms-dns 114.114.114.114
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
logfile /var/log/pptpd.log

vim /etc/ppp/chap-secrets    # configure the account and password
# Add your own login account at the end of the file, in the format: username pptpd password *

test pptpd 12345 *

5. Configure IPv4 forwarding

echo 'net.ipv4.ip_forward=1' >>/etc/sysctl.conf

sysctl -p    # apply the setting immediately

6. Configure the firewall and enable data routing (a critical step: without the firewall configuration, clients cannot reach the network)

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
# GRE is IP protocol 47, not TCP port 47, so it is matched with -p gre
iptables -A INPUT -p gre -j ACCEPT

# The source range must cover the remoteip range set in /etc/pptpd.conf
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE

service iptables save        # save the configuration
systemctl restart iptables   # restart the firewall

Configure the Alibaba Cloud whitelist
Open TCP port 1723
Allow the GRE protocol

Modify the /etc/ppp/ip-up file (vim /etc/ppp/ip-up)

Restart the services
systemctl restart pptpd
systemctl restart  iptables

7. Configure the Windows 10 client

Intranet address to connect to Alibaba Cloud server
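
An added example, not part of the original post: a small shell audit for the two authentication files edited in step 4. It reports required `refuse-*`/`require-*` options missing from `options.pptpd` and flags `chap-secrets` entries with a short or digits-only secret or an unrestricted `*` address field. The function names, the 12-character minimum and the sample files are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: audit the pptpd authentication files from step 4.
# Function names, the 12-character minimum and the sample data are assumptions.

# Print each required option that is absent (or commented out) in an options file.
missing_options() {
    local file="$1" opt
    for opt in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        # The option must be the first word of a line; "#opt" does not count.
        grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$file" || echo "$opt"
    done
}

# Print "user: reason" for weak chap-secrets entries.
# Line format: client server secret IP-addresses (unquoted secrets assumed).
weak_secrets() {
    local file="$1" min_len="${2:-12}"
    awk -v min="$min_len" '
        /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
        {
            if (length($3) < min) print $1 ": secret shorter than " min " characters"
            if ($3 ~ /^[0-9]+$/)  print $1 ": secret is digits only"
            if ($4 == "*")        print $1 ": any client IP allowed (*)"
        }' "$file"
}

# Constructed sample files modelled on the ones in this post.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/options.pptpd" <<'EOF'
name pptpd
refuse-pap
refuse-chap
#refuse-mschap
require-mschap-v2
require-mppe-128
EOF
printf '%s\n' '# client server secret IP' 'test pptpd 12345 *' \
    > "$sample_dir/chap-secrets"

echo "Missing options:"; missing_options "$sample_dir/options.pptpd"
echo "Weak entries:";    weak_secrets "$sample_dir/chap-secrets"
```

On a real server, point the two functions at /etc/ppp/options.pptpd and /etc/ppp/chap-secrets instead of the sample files.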


Origin blog.51cto.com/zailushang/2607866