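One-click PPTP installation on CentOS (including CentOS 7)
Steps for installing and configuring a PPTP VPN server on CentOS
Notes:
Server operating system: CentOS 5.X 64-bit
Server IP address: 192.168.21.128
Goal: install and configure the pptp software on the server to provide a VPN dial-in service
Procedure:
1. Download the packages
1) ppp  # required to install pptpd
2) pptpd  # the latest version at present
After downloading, upload them to the /usr/local/src directory.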
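2. Check whether the server environment supports installing the PPTP VPN
1) Check whether the kernel supports the MPPE patch:
modprobe ppp-compress-18 && echo success
If "success" is displayed, the system supports the MPPE patch. If it does not, install kernel-devel first:
yum install kernel-devel
2) Check whether TUN/TAP support is enabled:
cat /dev/net/tun
If the command prints the following text, the check passes:
cat: /dev/net/tun: File descriptor in bad state
3) Check whether ppp support is enabled:
cat /dev/ppp
If the command prints the following text, the check passes:
cat: /dev/ppp: No such device or address
All three conditions above must be met; otherwise the PPTP VPN cannot be installed.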
3. Install pptp
cd /usr/local/src
rpm -ivh ppp-2.4.4-14.1.rhel5.x86_64.rpm  # install ppp
rpm -ivh pptpd-1.4.0-1.rhel5.x86_64.rpm  # install pptp
4. Configure pptp
1) vi /etc/ppp/options.pptpd  # edit the file; add or modify the following parameters
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8  # primary DNS server address
ms-dns 8.8.4.4  # secondary DNS server address
:wq!  # save and exit
2) vi /etc/ppp/chap-secrets  # set the pptp dial-in users and passwords (several users can be defined, one per line)
# client server secret IP addresses
osyunweivpnuser01 pptpd 123456 *
osyunweivpnuser02 pptpd 1234 *
osyunweivpnuser03 pptpd 12345678 *
Format: username pptpd password *
Here * means the client is assigned an IP address automatically.
:wq!  # save and exit
3) vi /etc/pptpd.conf  # set the pptp server IP address and the IP address pool for VPN dial-in clients
option /etc/ppp/options.pptpd
logwtmp
# IP address of the pptp virtual dial-in server (note: not the server's own IP address)
localip 172.16.36.1
# dial-in VPN users are dynamically assigned addresses between 172.16.36.2 and 172.16.36.254
remoteip 172.16.36.2-254
:wq!  # save and exit
/sbin/service pptpd start  # start pptp
/etc/init.d/pptpd stop  # stop
service pptpd restart  # restart
chkconfig pptpd on  # start at boot
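Added example (not part of the original tutorial): a shell function that audits /etc/ppp/options.pptpd and /etc/ppp/chap-secrets as edited above. It confirms that every authentication and encryption directive is active and that chap-secrets, which stores passwords in cleartext, is readable only by its owner and holds no short or digits-only secrets like the sample ones. The function name audit_pptp, the 12-character minimum and the expected permissions -rw------- are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original tutorial.
# audit_pptp OPTIONS_FILE SECRETS_FILE [MIN_LEN]
# Prints one finding per line; returns 0 if clean, 1 otherwise.
# MIN_LEN (default 12) and the owner-only mode are assumptions of this example.
audit_pptp() {
    opts=$1; secrets=$2; min=${3:-12}; bad=0

    # 1. Each directive listed for options.pptpd must be an active (uncommented) line.
    for d in refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128; do
        if ! grep -Eq "^[[:space:]]*$d([[:space:]]|#|\$)" "$opts"; then
            echo "options: missing directive $d"
            bad=1
        fi
    done

    # 2. chap-secrets stores cleartext passwords: owner read/write only.
    perm=$(ls -ld "$secrets" | cut -c1-10)
    if [ "$perm" != "-rw-------" ]; then
        echo "secrets: permissions $perm, expected -rw-------"
        bad=1
    fi

    # 3. Report weak secrets by user name; the secret itself is never printed.
    weak=$(awk -v min="$min" '
        /^[ \t]*(#|$)/   { next }    # skip comments and blank lines
        NF < 3           { print "secrets: line " NR " is malformed"; next }
        length($3) < min { print "secrets: " $1 " has a secret shorter than " min; next }
        $3 ~ /^[0-9]+$/  { print "secrets: " $1 " has a digits-only secret" }
    ' "$secrets")
    if [ -n "$weak" ]; then
        echo "$weak"
        bad=1
    fi
    return "$bad"
}

# Constructed sample input in the shape of the two files shown above.
demo() {
    dir=$(mktemp -d)
    printf '%s\n' 'name pptpd' refuse-pap refuse-chap refuse-mschap \
        require-mschap-v2 require-mppe-128 > "$dir/options.pptpd"
    printf '%s\n' '# client server secret IP addresses' \
        'osyunweivpnuser01 pptpd 123456 *' > "$dir/chap-secrets"
    chmod 644 "$dir/chap-secrets"
    audit_pptp "$dir/options.pptpd" "$dir/chap-secrets"
    rc=$?
    rm -rf "$dir"
    return "$rc"
}
demo || true
```

On a real server, run it as root with the two paths from this section: audit_pptp /etc/ppp/options.pptpd /etc/ppp/chap-secrets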
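5. Enable routing mode on the server to support packet forwarding
Edit /etc/sysctl.conf with vi:
# set to 1
net.ipv4.ip_forward = 1
# comment out the following line
#net.ipv4.tcp_syncookies = 1
:wq!  # save and exit
/sbin/sysctl -p  # apply the settings immediately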
6. Set the firewall forwarding rules
yum install iptables  # install the firewall
service iptables start  # start the firewall
iptables -t nat -A POSTROUTING -s 172.16.36.0/255.255.255.0 -j SNAT --to-source 192.168.21.128  # add rule
iptables -A FORWARD -p tcp --syn -s 172.16.36.0/255.255.255.0 -j TCPMSS --set-mss 1356  # add rule
/etc/init.d/iptables save  # save the firewall settings
7. Open the pptp service port tcp 1723 and let the VPN dial-in client address pool 172.16.36.0/255.255.255.0 through the firewall
Edit /etc/sysconfig/iptables with vi and add the following lines:
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A RH-Firewall-1-INPUT -s 172.16.36.0/255.255.255.0 -j ACCEPT
:wq!  # save and exit
Remarks:
# 192.168.21.128 is the server IP address
# 172.16.36.0/255.255.255.0 is the pptp virtual dial-in server address range set in step 4
/etc/init.d/iptables restart  # restart the firewall
chkconfig iptables on  # start at boot
cat /etc/sysconfig/iptables  # view the firewall configuration file
# Generated by iptables-save v1.3.5 on Wed Dec 11 20:21:08 2013
*nat
:PREROUTING ACCEPT [60:4680]
:POSTROUTING ACCEPT [4:258]
:OUTPUT ACCEPT [4:258]
-A POSTROUTING -s 172.16.36.0/255.255.255.0 -j SNAT --to-source 192.168.21.128
COMMIT
# Completed on Wed Dec 11 20:21:08 2013
# Generated by iptables-save v1.3.5 on Wed Dec 11 20:21:08 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [94:16159]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A FORWARD -s 172.16.36.0/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A RH-Firewall-1-INPUT -s 172.16.36.0/255.255.255.0 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Dec 11 20:21:08 2013
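8. Create the ppp device node automatically at boot (this file may be lost after a system restart, which causes error 619 when pptp clients dial in)
Edit /etc/rc.d/rc.local with vi and add this line at the end of the file:
mknod /dev/ppp c 108 0  # add this line at the end of the file
:wq!  # save and exit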
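One-click PPTP VPN installation on Linux and how to start it at boot
Starting the pptp vpn at boot
Some people are too lazy to start the services by hand after a reboot, so below I add the commands that start the pptp vpn and iptables automatically at boot:
chkconfig pptpd on  # start the pptp vpn service at boot
chkconfig iptables on  # start iptables at boot
Here is a one-click pptp vpn install package for OpenVZ: a script for CentOS, Fedora and Red Hat 6.x (if nothing has ever been installed on the VPS, you can try this script):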
#!/bin/bash
# Interactive pptp vpn install script for an OpenVZ VPS
# Supports: CentOS, Fedora 6.x
# August 24, 2014 v1.00
#url:
echo "######################################################"
echo "Interactive PoPToP Install Script for an OpenVZ VPS"
echo
echo "Make sure to contact your provider and have them enable"
echo "IPtables and ppp modules prior to setting up PoPToP."
echo "PPP can also be enabled from SolusVM."
echo
echo "You need to set up the server before creating more users."
echo "A separate user is required per connection or machine."
echo "######################################################"
echo
echo
echo "######################################################"
echo "Select an option:"
echo "1) Set up new PoPToP server AND create one user"
echo "2) Create additional users"
echo "######################################################"
read x
if test "$x" = 1; then
    echo "Enter username that you want to create (eg. client1 or john):"
    read u
    echo "Specify password that you want the server to use:"
    read p
    ## get the VPS IP
    #ip=`ifconfig venet0:0 | grep 'inet addr' | awk '{print $2}' | sed 's/.*://'`
    echo
    echo "######################################################"
    echo "Downloading and Installing ppp and pptpd"
    echo "######################################################"
    yum install ppp -y
    rpm -Uvh  # the repository package URL is missing on the page
    yum install pptpd -y
    echo
    echo "######################################################"
    echo "Creating Server Config"
    echo "######################################################"
    cp /etc/ppp/options.pptpd /etc/ppp/options.pptpd.bak
    sed -i '70a ms-dns 8.8.8.8' /etc/ppp/options.pptpd
    # setting up pptpd.conf
    sed -i '101a localip 192.168.9.1' /etc/pptpd.conf
    sed -i '102a remoteip 192.168.9.11-30' /etc/pptpd.conf
    # adding new user
    echo "$u * $p *" >> /etc/ppp/chap-secrets
    echo
    echo "######################################################"
    echo "Forwarding IPv4 and Enabling it on boot"
    echo "######################################################"
cat >> /etc/sysctl.conf <<END
net.ipv4.ip_forward=1
END
    sysctl -p
    echo
    echo "######################################################"
    echo "Updating IPtables Routing and Enabling it on boot"
    echo "######################################################"
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    # saves iptables routing rules and enables them on-boot
    # (CentOS has no /etc/network/if-pre-up.d, so use the iptables init script)
    service iptables save
    chkconfig iptables on
cat >> /etc/ppp/ip-up <<END
ifconfig ppp0 mtu 1400
END
    echo
    echo "######################################################"
    echo "Restarting PoPToP"
    echo "######################################################"
    sleep 5
    /etc/init.d/pptpd restart
    echo
    echo "######################################################"
    echo "Server setup complete!"
    echo "Connect to your VPS at $ip with these credentials:"
    echo "Username:$u ##### Password: $p"
    echo "######################################################"
# runs this if option 2 is selected
elif test "$x" = 2; then
    echo "Enter username that you want to create (eg. client1 or john):"
    read u
    echo "Specify password that you want the server to use:"
    read p
    # adding new user
    echo "$u * $p *" >> /etc/ppp/chap-secrets
    echo
    echo "######################################################"
    echo "Additional user added!"
    echo "Connect to your VPS at $ip with these credentials:"
    echo "Username:$u ##### Password: $p"
    echo "######################################################"
else
    echo "Invalid selection, quitting."
    exit
fi
Copy the code below into install.sh, then run sh install.sh. This one supports only the Debian and Ubuntu family; CentOS is not supported.
#!/bin/bash
# Interactive PoPToP install script for an OpenVZ VPS
# Tested on Debian 5, 6, and Ubuntu 11.04
# April 2, 2013 v1.11
#
echo "######################################################"
echo "Interactive PoPToP Install Script for an OpenVZ VPS"
echo
echo "Make sure to contact your provider and have them enable"
echo "IPtables and ppp modules prior to setting up PoPToP."
echo "PPP can also be enabled from SolusVM."
echo
echo "You need to set up the server before creating more users."
echo "A separate user is required per connection or machine."
echo "######################################################"
echo
echo
echo "######################################################"
echo "Select an option:"
echo "1) Set up new PoPToP server AND create one user"
echo "2) Create additional users"
echo "######################################################"
read x
if test "$x" = 1; then
    echo "Enter username that you want to create (eg. client1 or john):"
    read u
    echo "Specify password that you want the server to use:"
    read p
    # get the VPS IP
    ip=$(ifconfig venet0:0 | grep 'inet addr' | awk '{print $2}' | sed 's/.*://')
    echo
    echo "######################################################"
    echo "Downloading and Installing PoPToP"
    echo "######################################################"
    apt-get update
    apt-get -y install pptpd
    echo
    echo "######################################################"
    echo "Creating Server Config"
    echo "######################################################"
cat > /etc/ppp/pptpd-options <<END
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
nodefaultroute
lock
nobsdcomp
END
    # setting up pptpd.conf
    echo "option /etc/ppp/pptpd-options" > /etc/pptpd.conf
    echo "logwtmp" >> /etc/pptpd.conf
    echo "localip $ip" >> /etc/pptpd.conf
    echo "remoteip 10.1.0.1-100" >> /etc/pptpd.conf
    # adding new user
    echo "$u * $p *" >> /etc/ppp/chap-secrets
    echo
    echo "######################################################"
    echo "Forwarding IPv4 and Enabling it on boot"
    echo "######################################################"
cat >> /etc/sysctl.conf <<END
net.ipv4.ip_forward=1
END
    sysctl -p
    echo
    echo "######################################################"
    echo "Updating IPtables Routing and Enabling it on boot"
    echo "######################################################"
    iptables -t nat -A POSTROUTING -j SNAT --to-source "$ip"
    # saves iptables routing rules and enables them on-boot
    iptables-save > /etc/iptables.conf
cat > /etc/network/if-pre-up.d/iptables <<END
#!/bin/sh
iptables-restore < /etc/iptables.conf
END
    chmod +x /etc/network/if-pre-up.d/iptables
cat >> /etc/ppp/ip-up <<END
ifconfig ppp0 mtu 1400
END
    echo
    echo "######################################################"
    echo "Restarting PoPToP"
    echo "######################################################"
    sleep 5
    /etc/init.d/pptpd restart
    echo
    echo "######################################################"
    echo "Server setup complete!"
    echo "Connect to your VPS at $ip with these credentials:"
    echo "Username:$u ##### Password: $p"
    echo "######################################################"
# runs this if option 2 is selected
elif test "$x" = 2; then
    echo "Enter username that you want to create (eg. client1 or john):"
    read u
    echo "Specify password that you want the server to use:"
    read p
    # get the VPS IP
    ip=$(ifconfig venet0:0 | grep 'inet addr' | awk '{print $2}' | sed 's/.*://')
    # adding new user
    echo "$u * $p *" >> /etc/ppp/chap-secrets
    echo
    echo "######################################################"
    echo "Additional user added!"
    echo "Connect to your VPS at $ip with these credentials:"
    echo "Username:$u ##### Password: $p"
    echo "######################################################"
else
    echo "Invalid selection, quitting."
    exit
fi
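Tutorial: installing PPTP on CentOS 7
People working in the Internet industry usually set up dynamic addresses through PPTP/L2TP on Windows systems or on Android and Apple phones. If an enterprise customer uses a CentOS 7 system for data scraping, how should PPTP be configured? This tutorial gives the specific steps.
First, make sure you have a CentOS 7 server. Next, check whether the system supports PPTP. Run the following commands; meeting either one is enough.
If PPP and PPTPD need to be installed, perform the following steps.
1) Install PPP
2) Install PPTPD
Note that before installing you need to add the EPEL repository and update the repository list, and then install PPTPD.
Edit /etc/pptpd.conf to set the internal IP range.
Next, modify /etc/ppp/options.pptpd to adjust the DNS settings and logging.
Edit /etc/ppp/chap-secrets to set the PPTP account and password so that connections from any IP are supported.
Adjust the kernel parameters in /etc/sysctl.conf to enable kernel forwarding.
Configure the firewall: create a rules file, modify the rules, and allow ports 47 and 1723 as well as the gre protocol.
Set the forwarding rules so that packets go in and out through the eth0 and ppp+ interfaces.
Finally, restart the server to apply all the changes.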
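Added example (not part of the original tutorial): the firewall steps above name what has to be allowed (TCP 1723, GRE, and NAT for the tunnel) without showing rules, so the shell function below reads a ruleset in iptables-save format and reports which of those requirements have no explicit rule. The function name check_pptp_fw and the sample ruleset are constructed for this example; GRE is matched by protocol name gre or by its IP protocol number 47.

```shell
#!/bin/sh
# Added example, not from the original page.
# check_pptp_fw RULES_FILE
# RULES_FILE is in iptables-save format. Prints one line per requirement that
# has no explicit rule; returns 0 if all required rules exist, 1 otherwise.
check_pptp_fw() {
    awk '
        /^\*/   { table = substr($0, 2); next }   # "*nat" / "*filter" header
        !/^-A / { next }                          # only appended rules matter
        table == "filter" && / -j ACCEPT( |$)/ {
            if (/ -p tcp / && / --dport 1723( |$)/) ctrl = 1   # control channel
            if (/ -p (gre|47)( |$)/)               gre  = 1   # tunnelled data
        }
        table == "nat" && $2 == "POSTROUTING" && / -j (SNAT|MASQUERADE)( |$)/ { nat = 1 }
        table == "filter" && $2 == "FORWARD" && / -j TCPMSS / { mss = 1 }
        END {
            if (!ctrl) print "missing: ACCEPT for tcp dport 1723"
            if (!gre)  print "missing: ACCEPT for protocol gre (47)"
            if (!nat)  print "missing: SNAT or MASQUERADE in nat POSTROUTING"
            if (!mss)  print "note: no TCPMSS clamp in FORWARD"
            exit !(ctrl && gre && nat)
        }
    ' "$1"
}

# Constructed sample: a cut-down ruleset in the shape of the iptables-save
# listing earlier on this page (the chain name RH-Firewall-1-INPUT is from it).
demo_fw() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 172.16.36.0/255.255.255.0 -j SNAT --to-source 192.168.21.128
COMMIT
*filter
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -s 172.16.36.0/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
    check_pptp_fw "$f"; rc=$?
    rm -f "$f"
    return "$rc"
}
demo_fw || true
```

To check a live host, save the running rules with iptables-save > rules.txt and pass that file to check_pptp_fw.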