Centos6.7下安装配置VPN

在Vultr上买了台VPS准备做VPN,不贵5刀,位置是日本东京的。ping值在100-200之间,还好算说的过去。

Vultr地址

系统选择的Centos6 的版本是6.7

在网上查了查linux下安装VPN的资料,解决方案真不少,有用OpenVPN的,有的是PPTP的。OpenVPN的稍麻烦些,需要证书什么的。因为是自己用,所以采用了PPTP的方案。

有好多同行,已经把PPTP这块的东西都写好了脚本,到时候直接运行脚本就行了。

教程参考地址 Centos6、7 下PPTP VPN一键安装脚本

在SSH中,输入  wget http://mirrors.linuxeye.com/oneinstack/vpn_centos.sh

给这个脚本文件分配执行权限

然后运行VPN_centos.sh 脚本

OK 结束

输入的命令

# wget http://mirrors.linuxeye.com/oneinstack/vpn_centos.sh

#  chmod a+x vpn_centos.sh

# ./vpn_centos.sh

运行脚本后,会提示新建一个用户,并设定密码。此帐号用于客户端登录使用VPN。

好了。到这里就是全部结束了。

现附上脚本内容

 #!/bin/bash
 #
 # Author:  yeho <lj2007331 AT gmail.com>
 # Blog:  http://blog.linuxeye.com
 #
 # Installs a PPTP VPN-only system for CentOS

 # Check if user is root
 [ $(id -u) != " ] && echo "Error: You must be root to run this script" && exit 1

 export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 clear
 printf "
 #######################################################################
 #    LNMP/LAMP/LANMP for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+    #
 # For more information please visit http://blog.linuxeye.com/31.html  #
 #######################################################################
 "

 [ ! -e '/usr/bin/curl' ] && yum -y install curl

 VPN_IP=`curl ipv4.icanhazip.com`

 VPN_USER="linuxeye"
 VPN_PASS="linuxeye"

 VPN_LOCAL="192.168.0.150"
 VPN_REMOTE="192.168.0.151-200"

 while :
 do
         echo
         read -p "Please input username: " VPN_USER
         [ -n "$VPN_USER" ] && break
 done

 while :
 do
         echo
         read -p "Please input password: " VPN_PASS
         [ -n "$VPN_PASS" ] && break
 done
 clear

 if [ -n "`grep 'CentOS Linux release 7' /etc/redhat-release`" ];then
         #CentOS_REL=7
     if [ ! -e /etc/yum.repos.d/epel.repo ];then
         cat > /etc/yum.repos.d/epel.repo << EOF
 [epel]
 name=Extra Packages for Enterprise Linux 7 - \$basearch
 #baseurl=http://download.fedoraproject.org/pub/epel/7/\$basearch
 mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=\$basearch
 failovermethod=priority
 enabled=1
 gpgcheck=0
 EOF
 fi
         for Package in wget make openssl gcc-c++ ppp pptpd iptables iptables-services
         do
                 yum -y install $Package
         done
         echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
 elif [ -n "`grep 'CentOS release 6' /etc/redhat-release`" ];then
         #CentOS_REL=6
         for Package in wget make openssl gcc-c++ iptables ppp
         do
                 yum -y install $Package
         done
     sed -i 's@net.ipv4.ip_forward.*@net.ipv4.ip_forward = 1@g' /etc/sysctl.conf
     rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
     yum -y install pptpd
 else
         echo -e "\033[31mDoes not support this OS, Please contact the author! \033[0m"
         exit 1
 fi

 echo "1" > /proc/sys/net/ipv4/ip_forward

 sysctl -p /etc/sysctl.conf

 [ -z "`grep '^localip' /etc/pptpd.conf`" ] && echo "localip $VPN_LOCAL" >> /etc/pptpd.conf # Local IP address of your VPN server
 [ -z "`grep '^remoteip' /etc/pptpd.conf`" ] && echo "remoteip $VPN_REMOTE" >> /etc/pptpd.conf # Scope for your home network

 if [ -z "`grep '^ms-dns' /etc/ppp/options.pptpd`" ];then
     echo "ms-dns 8.8.8.8" >> /etc/ppp/options.pptpd # Google DNS Primary
     echo "ms-dns 209.244.0.3" >> /etc/ppp/options.pptpd # Level3 Primary
     echo "ms-dns 208.67.222.222" >> /etc/ppp/options.pptpd # OpenDNS Primary
 fi

 echo "$VPN_USER pptpd $VPN_PASS *" >> /etc/ppp/chap-secrets

 ETH=`route | grep default | awk '{print $NF}'`
 [ -z "`grep '1723 -j ACCEPT' /etc/sysconfig/iptables`" ] && iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 1723 -j ACCEPT
 [ -z "`grep 'gre -j ACCEPT' /etc/sysconfig/iptables`" ] && iptables -I INPUT 5 -p gre -j ACCEPT
 iptables -t nat -A POSTROUTING -o $ETH -j MASQUERADE
 service iptables save
 sed -i 's@^-A INPUT -j REJECT --reject-with icmp-host-prohibited@#-A INPUT -j REJECT --reject-with icmp-host-prohibited@' /etc/sysconfig/iptables
 sed -i 's@^-A FORWARD -j REJECT --reject-with icmp-host-prohibited@#-A FORWARD -j REJECT --reject-with icmp-host-prohibited@' /etc/sysconfig/iptables
 service iptables restart

 service pptpd restart
 chkconfig pptpd on
 clear

 echo -e "You can now connect to your VPN via your external IP \033[32m${VPN_IP}\033[0m"

 echo -e "Username: \033[32m${VPN_USER}\033[0m"
 echo -e "Password: \033[32m${VPN_PASS}\033[0m"

本人基本没看懂, 对Shell编程,还不熟悉。

此脚本在我的机上可以正常运行。 本人的系统是

 [root@vultr ~]# uname -a
 Linux vultr.guest 2.6.32-573.7.1.el6.x86_64 #1 SMP Tue Sep 22 22:00:00 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
 [root@vultr ~]# cat /proc/version
 Linux version 2.6.32-573.7.1.el6.x86_64 (mockbuild@c6b8.bsys.dev.centos.org) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-16) (GCC) ) #1 SMP Tue Sep 22 22:00:00 UTC 2015
 [root@vultr ~]# cat /etc/issue
 CentOS release 6.7 (Final)
 Kernel \r on an \m

好了。就到这里吧。

注: 有些VPS提供商,使用OpenVZ技术,默认没有开启TUN 和PPP ,所以还需要你登录控制面板,将这个两项打开,然后再做以上步骤就可以了。

上一篇:centos6.7下安装配置vnc


下一篇:CentOS6.5下安装配置MySQL数据库