First install the pptpd service, which is the software module of the VPN connection.
Type: yum install ppp iptables pptpd
After installation is complete
A: Edit pptpd.conf:
Enter: vim /etc/pptpd.conf
Find localip, remove the # in front of the field below, then save and exit.
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
B: Edit options.pptpd
vim /etc/ppp/options.pptpd
Search for ms-dns, remove the # in front of the two lines of ms-dns found, and modify it to the following fields
ms-dns 8.8.8.8
ms-dns 8.8.4.4
C: Then the account password to join the VPN, you need to edit the /etc/ppp/chap-secrets settings:
vim /etc/ppp/chap-secrets
Add a line and enter it in the following format:
Username pptpd Password * *represents the accessible IP address
Save and exit, configure the kernel.
D:
vim /etc/sysctl.conf
Add a line to this file: net.ipv4.ip_forward=1
Also add # in front of "net.ipv4.tcp_syncookies = 1":
# net.ipv4.tcp_syncookies = 1, then save and exit.
Enter: sysctl -p to make the settings just now take effect.
enter:
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source the public IP of your Silicon Valley server.
Please note that the last parameter is not the Chinese paragraph, but the IP address of your server. Go to Alibaba Cloud's management platform to see.
Then enter: chmod +x /etc/rc.d/rc.local
Edit system configuration: vi /etc/rc.d/rc.local
Add the iptables command just now. Save and exit.
Start the service of the vpn link: systemctl start pptpd
----------------------------------------------------------------------------------------------------------
iptables-save > iptables.bak
iptables-restore < iptables.bak
6. Modify the kernel settings to support forwarding. Edit the /etc/sysctl.conf file:
vi /etc/sysctl.conf
Change "net.ipv4.ip_forward" to 1:
net.ipv4.ip_forward=1
Also add # in front of "net.ipv4.tcp_syncookies = 1":
# net.ipv4.tcp_syncookies = 1
Save and exit, and execute the following command to take effect:
sysctl -p
7. Add iptables forwarding rules.
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source 12.34.56.78
(OpenVZ, 12.34.56.78 is the public IP address of your VPS)
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE