
20131020

Install VPN PPTP Server on CentOS 6

At the moment, my designer is having a problem accessing target.com, an online shopping website, to look at some of the items for their design work. Target.com currently only allows connections from the USA and Canada due to their website crash issue over the last couple of weeks. Since this is quite urgent, I need to set up a VPN server so they can use it as a jump point to access websites in the USA and Canada. I will use my MySQL server as the VPN server as well.
In this tutorial, I will use PPTP as the protocol to connect to the VPN server with a username and password, with 128-bit MPPE encryption. The variables are as below:
OS: CentOS 6 64bit
VPN server:  10.10.0.1
VPN client IP: 10.10.0.100 - 199
1. Install ppp and pptpd:
$ rpm --import http://poptop.sourceforge.net/yum/RPM-GPG-KEY-PPTP
$ rpm -Uvh http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
$ yum install ppp pptpd -y
2. Once installed, open /etc/pptpd.conf in a text editor and add the following lines:
localip 10.10.0.1
remoteip 10.10.0.100-199
3. Open /etc/ppp/options.pptpd and add the authentication method, encryption and DNS resolver values:
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
4. Let's create a user to access the VPN server. Open /etc/ppp/chap-secrets and add the user as below:
USERNAME pptpd PASSWORD *
5. We need to allow IP packet forwarding on this server. Open /etc/sysctl.conf in a text editor and change the line below:
net.ipv4.ip_forward = 1
6. Run the following command for the change to take effect:
$ sysctl -p
7. Allow IP masquerading in iptables by executing the following lines:
$ echo "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" >> /etc/rc.local
$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Update: Once you are done with step 8, check the rules in /etc/sysconfig/iptables. Make sure that the POSTROUTING rule is above any REJECT rules.
8. Start the server:
$ service pptpd start
Once the server is online after reboot, you should now be able to access the PPTP server from the VPN client. You can monitor /var/log/messages for ppp and pptpd related log entries. Cheers!
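
A quick way to confirm that the edits from steps 2 to 5 are in place before starting pptpd, as an added example that is not part of the original post. The function names, the overridable path variables, the --run switch and the permission and placeholder checks on chap-secrets (which stores passwords in cleartext) are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the files edited in steps 2-5 before starting pptpd.
# Paths default to those on the page; override the variables to check copies.
PPTPD_CONF=${PPTPD_CONF:-/etc/pptpd.conf}
PPP_OPTIONS=${PPP_OPTIONS:-/etc/ppp/options.pptpd}
CHAP_SECRETS=${CHAP_SECRETS:-/etc/ppp/chap-secrets}
SYSCTL_CONF=${SYSCTL_CONF:-/etc/sysctl.conf}

# has_directive FILE REGEX: true if an uncommented line matches REGEX
# (a trailing "# comment" on the line is tolerated).
has_directive() {
    grep -Eq "^[[:space:]]*${2}[[:space:]]*(#.*)?\$" "$1" 2>/dev/null
}

report() { echo "FINDING: $1"; findings=$((findings + 1)); }

# audit_pptp: print one line per finding; exit status is the finding count.
audit_pptp() {
    findings=0
    has_directive "$PPTPD_CONF" 'localip[[:space:]]+[0-9.]+' ||
        report "$PPTPD_CONF: no localip line"
    has_directive "$PPTPD_CONF" 'remoteip[[:space:]]+[0-9.,-]+' ||
        report "$PPTPD_CONF: no remoteip line"
    has_directive "$PPP_OPTIONS" 'require-mschap-v2' ||
        report "$PPP_OPTIONS: require-mschap-v2 missing"
    has_directive "$PPP_OPTIONS" 'require-mppe-128' ||
        report "$PPP_OPTIONS: require-mppe-128 missing, tunnel may be unencrypted"
    has_directive "$SYSCTL_CONF" 'net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' ||
        report "$SYSCTL_CONF: net.ipv4.ip_forward is not 1"

    # chap-secrets holds cleartext passwords: group and other get no access.
    perms=$(ls -ld "$CHAP_SECRETS" 2>/dev/null | cut -c5-10)
    [ "$perms" = "------" ] ||
        report "$CHAP_SECRETS: group/other bits '$perms', expected none (chmod 600)"

    # The literal placeholder from step 4 must not be left in the file.
    if awk '$1 !~ /^#/ && $3 == "PASSWORD"' "$CHAP_SECRETS" 2>/dev/null | grep -q .
    then
        report "$CHAP_SECRETS: placeholder password still present"
    fi
    return "$findings"
}

# "--run" is this example's own switch: audit the live files and exit.
case "${1:-}" in --run) audit_pptp; exit $? ;; esac
```

A clean result only means the settings from the page are in place; it says nothing about the strength of PPTP itself, whose MS-CHAPv2 handshake is known to be recoverable offline from a captured exchange.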


20130829

Settings for an initial CentOS installation

Check the Linux version
# cat /etc/*release*
CentOS release 6.3 (Final)
CentOS release 6.3 (Final)
CentOS release 6.3 (Final)
cpe:/o:centos:linux:6:GA


Check that the OS is 64-bit
# getconf LONG_BIT
64


Show the absolute path in the prompt
vi /etc/bashrc
Find the part that reads PS1="[\u@\h \\] and change the line to:
[ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@\h \$PWD]\\$ "


Install SetupTool
yum install setuptool
yum install system-config-securitylevel-tui system-config-date
yum install authconfig system-config-network-tui ntsysv


Configure rdate
# time setting
14 3 * * * /usr/bin/rdate -s time.bora.net; /sbin/hwclock --systohc


Configure ulimit
echo "ulimit -SHn 10240" >> /etc/rc.local

Install GeoIP
yum -y install GeoIP GeoIP-devel GeoIP-data perl-Geo-IP


Configure history
vi ~/.bash_profile
export HISTTIMEFORMAT="%F %T "



