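1.1 检查系统是否支持安装pptp(输出 "No such device or address" 表示内核支持ppp;若输出 "No such file or directory" 则表示不支持)
注意:PPTP 依赖的 MS-CHAPv2 认证与 MPPE 加密已有公开的破解方法,仅适合实验或兼容旧环境;生产环境建议改用 IPsec/IKEv2、OpenVPN 或 WireGuard。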
[root@m01 ~]# cat /dev/ppp
cat: /dev/ppp: No such device or address
1.2 配置内核转发
[root@m01 ~]# sed -i 's#net.ipv4.ip_forward = 0#net.ipv4.ip_forward = 1#g' /etc/sysctl.conf
[root@m01 ~]# grep net.ipv4.ip_forward /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@m01 ~]# sysctl -p #生效
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
1.3 安装pptp
[root@m01 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
#安装epel源(建议将仓库地址改为 https,并保持仓库的 gpgcheck 启用,以防软件源或软件包在传输中被篡改)
[root@m01 ~]# yum -y install pptpd
1.4 配置pptp
[root@m01 ~]# sed -i '$a localip 10.0.0.61\nremoteip 172.16.1.100-200' /etc/pptpd.conf
[root@m01 ~]# tail -2 /etc/pptpd.conf
localip 10.0.0.61
remoteip 172.16.1.100-200
1.5 启动pptp
[root@m01 ~]# /etc/init.d/pptpd start
Starting pptpd: [ OK ]
[root@m01 ~]# tailf /var/log/messages
Jul 27 10:40:23 m01 pptpd[5971]: MGR: connections limit (100) reached, extra IP addresses ignored
Jul 27 10:40:23 m01 pptpd[5972]: MGR: Manager process started
Jul 27 10:40:23 m01 pptpd[5972]: MGR: Maximum of 100 connections available
[root@m01 ~]# netstat -tunlp|grep pptp
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 8061/pptpd
1.6 添加账号密码
[root@m01 ~]# vim /etc/ppp/chap-secrets
oldboy * 123456 *
#此处不需要重启服务。示例密码 123456 仅作演示,实际请使用高强度随机密码;chap-secrets 以明文保存密码,请确认该文件权限为 600 且属主为 root
1.7 windows的使用
1.在网络和共享===>>设置新的连接或网络===>>连接到工作区===>>点击"否,创建新连接"===>>输入目标ip和目标名称===>>输入账号和密码
1.7.1 链接不能上网的解决方法
在网络栏点击目标名称===>>点击属性===>>选择internet协议版本4(TCP/IPv4)===>>常规中选择 "高级" ===>>ip设置中===>>去掉"在远程网络上使用默认网关"前的对号
1.8 配置vpn审计功能
1.8.1 记录登录用户名日志
cat /etc/ppp/ip-up
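# Audit line for /etc/ppp/ip-up: appends one login record per VPN session
# to /var/log/pptpd.log.
#   PEERNAME - read from the hook's environment (logged as the user name)
#   $5       - logged as the address assigned to the client
#   $6       - logged as the address the client connected from
# Fixes relative to the listing as printed: `date -d` and `+%F_%T` need
# separating spaces (otherwise the command substitution fails and the
# timestamp is empty), and the target is the file /var/log/pptpd.log, not a
# path underneath it.
# NOTE(review): PEERNAME originates from the peer's authentication exchange;
# keep it quoted and treat the log content as untrusted text when parsing.
# printf is used so a name starting with '-' or containing backslashes is
# written literally.
printf '%s\n' "$PEERNAME 分配IP:$5 登陆IP:$6 登陆时间:$(date -d today +%F_%T)" >> /var/log/pptpd.log
exit 0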
cat /etc/ppp/ip-down
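# Audit line for /etc/ppp/ip-down: appends one logout record per VPN session
# to /var/log/pptpd.log.
#   PEERNAME - read from the hook's environment (logged as the user name)
#   $6       - logged as the address the client connected from
# Fixes relative to the listing as printed: `date -d` needs a separating
# space (otherwise the command substitution fails and the timestamp is
# empty), and a space now separates the address from the timestamp label so
# the two fields do not run together in the log.
# NOTE(review): PEERNAME originates from the peer's authentication exchange;
# keep it quoted and treat the log content as untrusted text when parsing.
# printf is used so a name starting with '-' or containing backslashes is
# written literally.
printf '%s\n' "$PEERNAME 下线IP:$6 下线时间:$(date -d today +%F_%T)" >> /var/log/pptpd.log
exit 0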
[root@m01 ~]# sed -i '$i echo "$PEERNAME 分配IP: $5 登录IP: $6 登录时间: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-up
[root@m01 ~]# sed -i '$i echo "$PEERNAME 下线IP: $6 下线时间: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-down
[root@m01 ppp]# tail -F /var/log/pptpd.log
tail: cannot open `/var/log/pptpd.log' for reading: No such file or directory
tail: `/var/log/pptpd.log' has become accessible
oldboy 下线IP: 10.0.0.253 下线时间: 2017-07-27_11:28:13
oldboy 分配IP: 172.16.1.100 登录IP: 10.0.0.253 登录时间: 2017-07-27_11:28:31
sed -i '$i echo "$PEERNAME 分配IP: $5 登录IP: $6 登录时间: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-up
[root@m01 ~]# sed -i '$i echo "$PEERNAME 下线IP: $6 下线时间: `date -d today +%F_%T`" >> /var/log/pptpd.log' /etc/ppp/ip-down
[root@m01 ppp]# tail -F /var/log/pptpd.log
tail: cannot open `/var/log/pptpd.log' for reading: No such file or directory
tail: `/var/log/pptpd.log' has become accessible
oldboy 下线IP: 10.0.0.253 下线时间: 2017-07-27_11:28:13
oldboy 分配IP: 172.16.1.100 登录IP: 10.0.0.253 登录时间: 2017-07-27_11:28:31