linux下拔号pptp

安装:
yum -y install ppp pptp

配置:
1、更改拨号用户信息文件
cd  /etc/ppp

vim  chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
hello   foo  test123  *

共有4个栏位,
VPN用户  VPN标识 VPN密码  IP  

#foo为VPN标识,区分不同的VPN连接。

2、创建拨号配置文件foo(上述的VPN标识)
cd  /etc/ppp/peers
vim foo

增加如下内容:

pty “pptp 10.161.185.155 –nolaunchpppd”
noauth
refuse-eap
require-mppe-128
name hello
remotename foo
file /etc/ppp/options.pptp

参看:ubuntu wiki模板

pty “pptp YOUR_VPN_GATEWAY –nolaunchpppd”

debug

nodetach

logfd 2

noproxyarp

ipparam YOUR_COMPANY

remotename YOUR_COMPANY

name YOUR_DOMAIN_OR_SERVER_NAME\YOUR_VPN_LOGIN

require-mppe-128

nobsdcomp

nodeflate

lock

noauth

refuse-eap

refuse-chap

refuse-mschap

其中 10.161.185.155 为VPN服务器IP
name字段后跟的是/etc/ppp/chap-secrets中的VPN账户名
remotename为VPN标识,其他保持默认
还要更改options,不然老掉线

cat >/etc/ppp/options <<HERE
require-mppe
require-mppe-128
mppe-stateful
HERE

3、启动VPN客户端
root执行如下命令
pppd call foo

4、检查拨号结果,稍等10秒左右后,执行
如下命令检查:
[root@iZ23z4ezspcZ ppp]# ps -ef|grep pppd
root 13829 1 0 15:23 ? 00:00:00 pppd call lianyou
root 13830 13829 0 15:23 ? 00:00:00 pptp 10.162.40.230 –nolaunchpppd
root 13835 1 0 15:23 ? 00:00:00 pptp 10.162.40.230 –nolaunchpppd
root 14435 13256 0 15:38 pts/0 00:00:00 grep pppd

5、查看的vpn客户端IP
[root@iZ23z4ezspcZ ppp]# ifconfig ppp0
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.10.102 P-t-P:192.168.10.100 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1
RX packets:35 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1934 (1.8 KiB) TX bytes:80 (80.0 b)

  1. 添加路由
    在处理路由的时候采用client to lan方式,需要增加对方lan的路由或者目标网络的路由.
    route add -net 192.168.10.0 netmask 255.255.255.0 dev ppp0 #vpn 成功拔入后, client之间互通,如果不加则只能与vpn网官192.168.10.1互通

route del default gw 172.25.254.0 #删除系统定义的默认网关路由

route add default gw 192.168.10.1 #增加到vpn服务器的网关路由, vpn client访问外网,如果不加则不能访问外网

脚本1:ppp pptp自动安装配置

#################################################################

#!/bin/bash
#To install ppp pptp from yum automaticlly on CentOS
#Made by LiuJun, liujun_live@msn.com ,  2014-10-11
#################################################################

#Source function library.
. /etc/init.d/functions

#Export PATH
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

####################
#安装拔号软件ppp pptp
####################
echo "-----------------------------------------"
echo -e "\e[35;1mInstall ppp pptp\e[0m"
echo "-----------------------------------------"
sleep 1
Packages="ppp pptp"
for i in $Packages
do
    Flag=$(rpm -qa|grep $i)
    if [  "$Flag" == "" ];then
        yum -y install $i 2>/dev/null
        else
            echo -e "\e[31;1m$i\e[0m is \e[32;1minstalled\e[0m"
    fi
done

echo ""
echo ""
echo ""

####################
#配置拔号
####################
#后期维护,只需修改如下对应变量即可
Vpn_server=10.x.x.x
Vpn_user=test
Vpn_password=xxxxx
Vpn_flag=vpn

echo "-----------------------------------------"
echo -e "\e[35;1mConfiguring vpn\e[0m"
echo "-----------------------------------------"
sleep 1
echo "$Vpn_user $Vpn_flag $Vpn_password *" >/etc/ppp/chap-secrets
echo -e "Adding \e[31;1m$Vpn_flag\e[0m to /etc/ppp/chap-secrets"
sleep 1

cat >/etc/ppp/peers/$Vpn_flag <<HERE
pty "pptp $Vpn_server --nolaunchpppd"
noauth
refuse-eap
require-mppe-128
name $Vpn_user
remotename $Vpn_flag
file /etc/ppp/options.pptp
HERE
echo -e "Adding auth_info to \e[31;1m$Vpn_server\e[0m to /etc/ppp/peers/\e[31;1m$Vpn_flag\e[0m"
echo ""
echo -e "Configuration \e[32;1msuccessfully!\e[0m"

脚本2:ppp拔号后台监控及自动重拔(通过ping VPN网关)

#################################################################

#!/bin/bash
#To dail up VPN automaticlly on CentOS
#Made by LiuJun, liujun_live@msn.com ,  2014-10-14
#################################################################

#Source function library.
. /etc/init.d/functions

#Export PATH
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

####################
#配置拔号名称
####################
#后期维护,只需修改如下对应变量即可
Vpn_flag=vpn
Vpn_gateway=192.168.10.1
Aliyun_gateway=$(route -ne|grep -w UG|awk '{print $2}'|uniq -d)

####################
#定义相关函数
####################
pppd_start(){
killall pppd &>/dev/null
pppd call $Vpn_flag
}

pppd_route(){
route del default gw $Aliyun_gateway &>/dev/null
route add default gw $Vpn_gateway &>/dev/null
}

pppd_check(){
Flag=$(ping -c1 -i.3 -W1 $Vpn_gateway|grep loss|awk -F, '{print $3}'|awk -F% '{print $1}')
if [ "$Flag" -eq "0" ];then
    echo -e "\e[31;1m$Vpn_flag\e[0m is \e[32;1mup!\e[0m"
    else
        echo -e "Connecting \e[31;1m$Vpn_flag\e[0m ..."
        pppd_start
        sleep 5
        if [ "$Flag" -eq "0" ];then
            pppd_route
            else
                echo "... ..."
                echo -e "Connecting \e[31;1m$Vpn_flag\e[0m ..."
                sleep 5
                pppd_route
        fi

fi
}


####################
#函数调用
####################
while true
do
    pppd_check
    sleep 1
done

脚本3:ppp拔号后台监控及自动重拔(通过ppp0接口的存在状态)

#################################################################

#!/bin/bash
#To dail up VPN automaticlly on CentOS
#Made by LiuJun, liujun_live@msn.com ,  2014-10-14
#################################################################

#Source function library.
. /etc/init.d/functions

#Export PATH
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games

####################
#配置拔号名称
####################
#后期维护,只需修改如下对应变量即可
export vpn_flag=vpn
export vpn_gateway=192.168.10.1
export aliyun_gateway=$(route -ne|grep -w UG|awk '{print $2}'|uniq -d)

####################
#定义相关函数
####################
pppd_start(){
killall pppd &>/dev/null
killall pppd &>/dev/null
pppd call $vpn_flag
}

pppd_route(){
route_flag=$(route -ne|awk '{print $2}'|grep $vpn_gateway)
if [ "$route_flag" != "$vpn_gateway" ];then
    route del default gw $aliyun_gateway &>/dev/null
    route add default gw $vpn_gateway &>/dev/null
fi
}

pppd_check(){
flag=$(ifconfig|grep ppp0)
ipaddr_ppp0=$(ifconfig ppp0 2>/dev/null|grep 'inet addr:'|awk '{print $2}'|cut -d: -f2)
#flag=$(ping -c2 -i1 -W1 $vpn_gateway|grep loss|awk -F, '{print $3}'|awk -F% '{print $1}')
if [ ! "$flag" == "" ];then
    echo -e "\e[31;1m$vpn_flag\e[0m is \e[32;1mup\e[0m with \e[33;1m$ipaddr_ppp0\e[0m"
    pppd_route
    else
        echo -e "Connecting \e[31;1m$vpn_flag\e[0m===>\e[32;1m$vpn_gateway\e[0m"
        pppd_start
        sleep 8
        ipaddr_flag=$(ifconfig ppp0 2>/dev/null|grep 'inet addr:'|awk '{print $2}'|cut -d: -f2)
        if [ -n "$ipaddr_flag" ];then
            pppd_route
            echo -e "Routing \e[31;1m$ipaddr_flag\e[0m===>\e[32;1m$vpn_gateway\e[0m"
        fi

fi
}


####################
#函数调用
####################
while true
do
    pppd_check
    sleep 5
done

#while true
#do
#    flag_start=$(ifconfig|grep ppp0)
#    if [  "$flag_start" == "" ];then
#        pppd_start
#        sleep 10
#        pppd_route
#        else
#            for((i=1;i<=590;i++))
#            do
#                pppd_check
#                sleep 1
#                if [ "$i" == "590" ];then
#                    echo -e "\e[31;1mRecall $vpn_flag\e[0m"
#                    pppd_start
#                    sleep 8
#                    pppd_route
#                fi
#            done
#    fi
#done
文档更新时间: 2019-12-17 15:02   作者:老王