Advertisements
This is implement on a openvz vps. So there are two parts. Part one needs to be done on Node server and part two is need to be done on the vps. In case if you are working in a dedicated server you have to do both on the dedicated server.
Part one:
on the node:
Find the VEID of your vps. If you dont have access ask your vps provider to enable ppp and nat
[root@Node ~]# vzlist -a | grep 184.x.x.x
[VEID] 20 running 184.x.x.x vps
Loading modules needed for ppp
[root@Node ~]# modprobe ppp_mppe
[root@Node ~]# modprobe ppp_deflate
[root@Node ~]# modprobe zlib_deflate
[root@Node ~]# modprobe ppp_async
[root@Node ~]# modprobe ppp_generic
[root@Node ~]# modprobe slhc
[root@Node ~]# modprobe crc_ccitt
Checking the modules
[root@Node ~]# lsmod | grep ppp
ppp_async 45056 0
crc_ccitt 35200 1 ppp_async
ppp_deflate 39168 0
zlib_deflate 52760 1 ppp_deflate
ppp_mppe 39816 0
ppp_generic 63632 3 ppp_async,ppp_deflate,ppp_mppe
slhc 39680 1 ppp_generic
Enabling ppp for the vps with VEID [VEID]:
You have to stop the vps first:
[root@Node ~]# vzctl stop [VEID]
Stopping container ...
Container was stopped
Container is unmounted
Now setting the parameters:
[root@Node ~]# vzctl set [VEID] --features ppp:on --save
Saved parameters for CT [VEID]
[root@Node ~]# vzctl set [VEID] --devices c:108:0:rw --save
Saved parameters for CT [VEID]
[root@Node ~]# vzctl start [VEID]
Starting container ...
Container is mounted
Adding IP address(es): 184.154.103.231
Setting CPU limit: 100
Setting CPU units: 1000
Setting CPUs: 1
Setting devices
Set hostname: vps
File resolv.conf was modified
Setting quota ugidlimit: 10000
Container start in progress...
[root@Node ~]# vzctl exec [VEID] mknod /dev/ppp c 108 0
[root@Node ~]# vzctl exec [VEID] chmod 600 /dev/ppp
Enabling NAT on openvz vps:
[root@Node ~]# vzctl stop [VEID]
[root@Node ~]# vzctl set [VEID] --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save
[root@Node ~]# vzctl start [VEID]
Part two:
Inside vps:
Searching the package pptpd on Ubuntu vps:
root@vps:~# apt-cache search pptp
pptpd - PoPToP Point to Point Tunneling Server
Installing the pptpd package:
root@vps:~# apt-get install pptpd
Testing the ppp module:
root@vps:/# /usr/sbin/pppd
~ÿ}#À!}!}!} }4}"}&} } } } }%}&} 3ä}'}"}(}"P};~~ÿ
Configuring the local ip and remote ip range for the vpn connections:
root@vps:/# vi /etc/pptpd.conf
localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245
Setting the DNS ip address for the vpn clients
root@vps:/# vi /etc/ppp/pptpd-options
ms-dns 8.8.8.8
ms-dns 8.8.4.4
masquerading the vpn client ips to the vps ip address
root@vps:/# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o venet0 -j MASQUERADE
Saving the iptables rules:
root@vps:/# iptables-save > /etc/iptables.conf
Writing iptables restore script:
root@vps:/# cat /etc/network/if-up.d/iptables
#!/bin/sh
iptables-restore < /etc/iptables.conf
root@vps:/#
Giving the execute permission for the restore script:
root@vps:/# chmod +x /etc/network/if-up.d/iptables
Enable packet forwarding:
root@vps:/# vi /etc/sysctl.conf
net.ipv4.ip_forward=1
root@vps:/# sysctl -p
net.ipv4.ip_forward = 1
Creating vpn users for pptpd
root@vps:/# cat /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
vpn pptpd abc123$ *
root@vps:/#
Restarting the service.
root@vps:/# /etc/init.d/pptpd restart
Restarting PPTP:
Stopping PPTP: pptpd.
Starting PPTP Daemon: pptpd.
root@vps:/#
Thats it. Enjoy. Leave comments.
No comments:
Post a Comment
Be nice. That's all.