基於pptp的vpn伺服器搭建
測試搭建pptp 伺服器問題
最近試著搭建一個基於pptp的VPN伺服器,從WINXP撥號過去建立連接都沒有問題了,
但是就是用這條VPN上不了網,也就是不能鏈接外網,初步懷疑是路由或者轉發配置
的問題,但是不知道需要在哪裡配置,有大俠知道的告訴一下啊,呵呵。
環境:
pptp伺服器:centos 5, 一個網卡,eth0:外網IP XXX.XXX.XXX.XXX
客戶端:WINXP
現象:
pptp伺服器建立連接前:
iptables 關掉了
>>netstat -nap |grep pptp
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 28144/pptpd
>>cat /etc/pptpd.conf
ppp /usr/sbin/pppd
debug
option /etc/ppp/options.pptpd
localip 10.0.0.254
remoteip 10.0.0.1-253
>>cat /etc/ppp/options.pptpd
auth
lock
debug
proxyarp
#nodefaultroute
name scorpio
multilink
refuse-pap
refuse-chap
refuse-mschap
refuse-eap
refuse-mschap-v2
require-mppe
#ms-wins
#ms-dns
dump
logfile /var/log/pptpd.log
通過XP的客戶端vpn撥號,連接建立過程正常:
>>cat /var/log/pptpd.log
pppd options in effect:
debug # (from /etc/ppp/options.pptpd)
logfile /var/log/pptpd.log # (from /etc/ppp/options.pptpd)
dump # (from /etc/ppp/options.pptpd)
multilink # (from /etc/ppp/options.pptpd)
auth # (from /etc/ppp/options.pptpd)
refuse-pap # (from /etc/ppp/options.pptpd)
refuse-chap # (from /etc/ppp/options.pptpd)
refuse-mschap # (from /etc/ppp/options.pptpd)
refuse-mschap-v2 # (from /etc/ppp/options.pptpd)
refuse-eap # (from /etc/ppp/options.pptpd)
name scorpio # (from /etc/ppp/options.pptpd)
115200 # (from command line)
lock # (from /etc/ppp/options.pptpd)
local # (from command line)
ipparam 124.64.82.8 # (from command line)
proxyarp # (from /etc/ppp/options.pptpd)
10.0.0.254:10.0.0.1 # (from command line)
require-mppe # (from /etc/ppp/options.pptpd)
using channel 16
Starting negotiation on /dev/pts/2
sent >]
rcvd
sent
rcvd
sent
sent >]
rcvd >]
sent
rcvd
sent
rcvd
sent
rcvd
rcvd
rcvd
sent
Using interface ppp0
sent
rcvd
sent
rcvd
sent
rcvd
sent
rcvd
sent
rcvd
MPPE 128-bit stateless compression enabled
sent
rcvd
sent
rcvd
rcvd
sent
rcvd
sent
rcvd
sent
Cannot determine ethernet address for proxy ARP
local IP address 10.0.0.254
remote IP address 10.0.0.1
Script /etc/ppp/ip-up started (pid 31704)
Script /etc/ppp/ip-up finished (pid 31704), status = 0x0
>>ifconfig
eth0 Link encap:Ethernet HWaddr EF:17:37:2E:77:72
inet addr:XXX.XXX.XXX.XXX Bcast:XXX.XXX.XXX.XXX Mask:XXX.XXX.XXX.XXX
inet6 addr: XXX.XXX.XXX.XXX/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:34931510 errors:0 dropped:0 overruns:0 frame:0
TX packets:35663307 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3025720615 (2.8 GiB) TX bytes:2946169872 (2.7 GiB)
Base address:0x2000 Memory:88180000-881a0000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:56576 errors:0 dropped:0 overruns:0 frame:0
TX packets:56576 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4679721 (4.4 MiB) TX bytes:4679721 (4.4 MiB)
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.0.0.254 P-t-P:10.0.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1
RX packets:35 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:3167 (3.0 KiB) TX bytes:118 (118.0 b)
>>route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.1 * 255.255.255.255 UH 0 0 0 ppp0
XXX.XXX.XXX.0 * 255.255.255.192 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default XXX.XXX.XXX.1 0.0.0.0 UG 0 0 0 eth0
>>cat /proc/sys/net/ipv4/ip_forward
1
>>iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[火星人
]
基於pptp的vpn伺服器搭建已經有817次圍觀
http://coctec.com/docs/service/show-post-30959.html
