Open a portal : https://my.oschina.net/isnail/blog/363151
Thank you for sharing, thank you.
The following is the original text:
The advantage of using PPTP to build a VPN is that the configuration is simple and fast. Record the personal process for your reference, and list the problems encountered in the process one by one to solve the problem. . .
Go directly to the steps:
1. The first step is to install PPTP to provide VPN services.
sudo apt-get install pptpd
If there is a problem, such as a prompt that it cannot be found, apt-get update should be enough, and then it will automatically complete the installation again.
2. After installing it, we need to configure it so that it can be used.
sudo vi /etc/pptpd.conf
Uncomment the following 2 lines:
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
They are the IPs used by the host and the client after connecting through the VPN, which can be modified by yourself. Note that this IP will also be used below.
3. Then we need to assign an account to ourselves.
sudo vi /etc/ppp/chap-secrets
This is the user list file
Add an account in it as follows
username pptpd "password" *
username is your username password is your password, the password is enclosed in quotation marks, and the last * sign means that it is allowed to connect to the service on any IP
4. At this point, the service is ready. If you sudo service pptpd restart, you should be able to connect to the VPN, but after connecting, you will find that you cannot access the external network. Then we need to allow him to access the external network. first,
sudo vi /etc/ppp/pptpd-options
Find ms-dns, uncomment it, and change it to your favorite DNS such as 8.8.8.8, 8.8.4.4
5. Then we have to enable kernel IP forwarding
sudo vi /etc/sysctl.conf
Uncomment the line net.ipv4.ip_forward=1.
then execute
sudo sysctl -p
Make the modified file configuration take effect immediately.
6. Then we need to install iptables to implement NAT forwarding of requests
sudo apt-get install iptables
Then enable NAT forwarding.
sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
192.168.0.0/24 is the IP segment you set above, let this segment forward
Note that eth0 is the network card you connect to the external network. It may not be 0 or 1, or it depends on which network card of your machine is connected to the external network.
# (The reprinter inserts a word: For example, I use the ifconfig command, and the picture below comes out)
#Where enp3s0 is the name of the network card, and lo is the loop.
#refer to:
#http://blog.csdn.net/christne1225i/article/details/54914829
#So my command is:
# sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o enp2s0 -j MASQUERADE
In this way, things from the external network are requested by NAT. If you don't know which network card of your machine is connected to the external network, ifconfig can see which network card is the external network IP.
7. Finally, we need to restart the service for the configuration to take effect.
sudo service pptpd restart
Now that you can connect to a VPN and fly in the real world, go play.