1. 云栖社区>
  2. PHP教程>
  3. 正文

PPTP VPN客户端的安装及使用

作者:用户 来源:互联网 时间:2017-12-01 10:28:30

安装vpn使用pptp客户

PPTP VPN客户端的安装及使用 - 摘要: 本文讲的是PPTP VPN客户端的安装及使用,PPTP VPN部署好了之后,客户端的配置相对于OpenVPN的客户端相对而言就简单太多了,而且pptp无须安装客户端(Windows),而目前大部分人都使用windows客户端,因此易用性上是要优越于OpenVPN的,甚至在网上有看到有的

PPTP VPN部署好了之后,客户端的配置相对于OpenVPN的客户端相对而言就简单太多了,而且pptp无须安装客户端(Windows),而目前大部分人都使用windows客户端,因此易用性上是要优越于OpenVPN的,甚至在网上有看到有的公司就因为这一点抛弃OpenVPN而选择pptpd。当然,选择适合的VPN不能只看重这一点,而是需要综合考虑自己的业务需求以及方案的可实施性等多方面的因素,这里不多做评论。鉴于网上关于PPTPD VPN服务器端的安装教程很多,却少有讲解pptp客户端的安装使用,所以添加一下自己的使用心得,以作备用。
一、Linux客户端
要在Linux上使用pptp VPN,首先需要安装pptp和pptp-setup两个包,注意是pptp而不是服务器端的pptpd,下载对应的RPM包安装即可。

rpm -qa pptp pptp-setup #检查是否安装了pptp和pptp-setup两个包
wget ftp://rpmfind.net/linux/centos/6.8/os/x86_64/Packages/pptp-
1.7.2-8.1.el6.x86_64.rpm
rpm -ivh pptp-1.7.2-8.1.el6.x86_64.rpm
wget ftp://rpmfind.net/linux/centos/6.8/os/x86_64/Packages/pptp-
setup-1.7.2-8.1.el6.x86_64.rpm
rpm -ivh pptp-setup-1.7.2-8.1.el6.x86_64.rpm

下面看一下pptpsetup的用法:
pptpsetup --help
pptpsetup --create <TUNNEL> --server <SERVER> [--domain <DOMAIN>]
--username <USERNAME> [--password <PASSWORD>]
[--encrypt] [--start]

pptpsetup --delete <TUNNEL>

Options:

* the name you wish to use to refer to the tunnel (you choose it),
* the IP address or host name of the server,
* the authentication domain name (optional),
* the username you are to use,
* the password you are to use,
* whether encryption is required,
* whether to start the connection after configuration.
########################################################################
这里的注释是和上面的命令参数对应的,具体如下:
<TUNNEL>:指定需要创建的vpn连接的名称
<SERVER>:PPTP VPN服务器的ip地址或者主机名(如果是主机名,需要做好DNS解析,无论是公网还是本地DNS)
<DOMAIN>:验证的域名,pptp vpn初始使用chap-secret本地认证,但是也支持ldap认证,在使用ldap认证时,该项有用到
<USERNAME>:连接到vpn的用户名
<PASSWORD>:连接到vpn的用户密码
[--encrypt]:选择是否启用加密,这个也要跟服务器端一致,如果不一致,会有信息提示
[--start]:选择立即启动连接还是在创建配置完成后再启动,一般只在第一次创建vpn连接时使用
########################################################################

pptpsetup - Point-to-Point Tunneling Protocol setup

Copyright (C) 2006 Nelson Ferraz

pptpsetup comes with ABSOLUTELY NO WARRANTY; for details see source.
This is free software, and you are welcome to redistribute it
under certain conditions; see source for details.
根据上面给出的使用帮助,如果我们想要新创建一个vpn连接,命令如下:
pptpsetup --create vpn --server --username test -
-password 123456 --encrypt
创建完成后,如果以后需要调用它,只需要执行以下命令即可。
pppd call vpn
[[email protected] ~]# pptpsetup --create vpn --server 192.168.49.133 --username test ---password 123456 --encrypt --startUsing interface ppp0Connect: ppp0 <--> /dev/pts/2CHAP authentication succeededMPPE 128-bit stateless compression enabledlocal  IP address 192.168.9.100remote IP address 192.168.140.128
出现CHAP authentication succeeded表示成功,而且会显示当前主机获取的IP地址,我这里是192.168.9.100.(该地址是在PPTP VPN服务器端配置的)
[[email protected] ~]# ip a |grep ppp8: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp  inet 192.168.9.100 peer 192.168.140.128/32 scope global ppp09: ppp1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp  inet 192.168.140.128 peer 192.168.9.100/32 scope global ppp1[[email protected] ~]# ifconfigeth0Link encap:Ethernet  HWaddr 00:0C:29:B3:83:3Finet addr:192.168.49.133  Bcast:192.168.49.255  Mask:255.255.255.0  inet6 addr: fe80::20c:29ff:feb3:833f/64 Scope:Link  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1  RX packets:1657 errors:0 dropped:0 overruns:0 frame:0  TX packets:1240 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:1000RX bytes:223662 (218.4 KiB)  TX bytes:153261 (149.6 KiB)eth1Link encap:Ethernet  HWaddr 00:0C:29:B3:83:49inet addr:192.168.140.128  Bcast:192.168.140.255  Mask:255.255.255.0  inet6 addr: fe80::20c:29ff:feb3:8349/64 Scope:Link  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1  RX packets:15 errors:0 dropped:0 overruns:0 frame:0  TX packets:445 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:1000RX bytes:3158 (3.0 KiB)  TX bytes:21306 (20.8 KiB)loLink encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0  inet6 addr: ::1/128 Scope:Host  UP LOOPBACK RUNNING  MTU:16436  Metric:1  RX packets:377 errors:0 dropped:0 overruns:0 frame:0  TX packets:377 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:0RX bytes:35490 (34.6 KiB)  TX bytes:35490 (34.6 KiB)ppp0Link encap:Point-to-Point Protocolinet addr:192.168.9.100  P-t-P:192.168.140.128  Mask:255.255.255.255  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1496  Metric:1  RX packets:6 errors:0 dropped:0 overruns:0 frame:0  TX packets:6 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:3RX bytes:60 (60.0 b)  TX bytes:66 (66.0 b)ppp1Link encap:Point-to-Point Protocolinet addr:192.168.140.128  P-t-P:192.168.9.100  Mask:255.255.255.255  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1496  Metric:1  RX packets:6 errors:0 dropped:0 overruns:0 frame:0  TX packets:6 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:3RX bytes:66 (66.0 b)  TX bytes:60 (60.0 b)
这里因为我是在PPTP VPN Server上安装的pptp client,所以服务器端和客户端在一起,创建了两个ppp网卡。
[[email protected] ~]# ps -ef|grep ppproot 13891  0 23:23 pts/0 00:00:00 pptp 192.168.49.133 --nolaunchpppdroot 13971  0 23:23 pts/0 00:00:00 pptp 192.168.49.133 --nolaunchpppdroot 13991398  0 23:23 ?00:00:00 /usr/sbin/pppd local file /etc/ppp/options.pptpd 115200 192.168.140.128:192.168.9.100 ipparam 192.168.49.133 plugin /usr/lib64/pptpd/pptpd-logwtmp.so pptpd-original-ip 192.168.49.133 remotenumber 192.168.49.133root 14051  0 23:23 ?00:00:00 pppd call vpn updetachroot 19901118  0 23:29 pts/0 00:00:00 grep ppp
如果想要关闭ppp连接,只需要杀掉对应的进程即可,比如我这里是进程1399.
[[email protected] ~]# kill 1399[[email protected] ~]# ifconfigeth0Link encap:Ethernet  HWaddr 00:0C:29:B3:83:3Finet addr:192.168.49.133  Bcast:192.168.49.255  Mask:255.255.255.0  inet6 addr: fe80::20c:29ff:feb3:833f/64 Scope:Link  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1  RX packets:2107 errors:0 dropped:0 overruns:0 frame:0  TX packets:1596 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:1000RX bytes:264616 (258.4 KiB)  TX bytes:196914 (192.2 KiB)eth1Link encap:Ethernet  HWaddr 00:0C:29:B3:83:49inet addr:192.168.140.128  Bcast:192.168.140.255  Mask:255.255.255.0  inet6 addr: fe80::20c:29ff:feb3:8349/64 Scope:Link  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1  RX packets:16 errors:0 dropped:0 overruns:0 frame:0  TX packets:466 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:1000RX bytes:3500 (3.4 KiB)  TX bytes:22704 (22.1 KiB)loLink encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0  inet6 addr: ::1/128 Scope:Host  UP LOOPBACK RUNNING  MTU:16436  Metric:1  RX packets:408 errors:0 dropped:0 overruns:0 frame:0  TX packets:408 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:0RX bytes:37460 (36.5 KiB)  TX bytes:37460 (36.5 KiB)
当然,如果要重启启用ppp网络,只需执行以下命令即可。
pppd call [vpn连接名称],如pppd call vpn.
[[email protected] ~]# pppd call vpn[[email protected] ~]# ip a |grep ppp10: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp  inet 192.168.9.100 peer 192.168.140.128/32 scope global ppp011: ppp1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3 link/ppp  inet 192.168.140.128 peer 192.168.9.100/32 scope global ppp1[[email protected] ~]# ifconfigeth0Link encap:Ethernet  HWaddr 00:0C:29:B3:83:3Finet addr:192.168.49.133  Bcast:192.168.49.255  Mask:255.255.255.0  inet6 addr: fe80::20c:29ff:feb3:833f/64 Scope:Link  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1  RX packets:2161 errors:0 dropped:0 overruns:0 frame:0  TX packets:1638 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:1000RX bytes:269604 (263.2 KiB)  TX bytes:203202 (198.4 KiB)eth1Link encap:Ethernet  HWaddr 00:0C:29:B3:83:49inet addr:192.168.140.128  Bcast:192.168.140.255  Mask:255.255.255.0  inet6 addr: fe80::20c:29ff:feb3:8349/64 Scope:Link  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1  RX packets:16 errors:0 dropped:0 overruns:0 frame:0  TX packets:466 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:1000RX bytes:3500 (3.4 KiB)  TX bytes:22704 (22.1 KiB)loLink encap:Local Loopbackinet addr:127.0.0.1  Mask:255.0.0.0  inet6 addr: ::1/128 Scope:Host  UP LOOPBACK RUNNING  MTU:16436  Metric:1  RX packets:441 errors:0 dropped:0 overruns:0 frame:0  TX packets:441 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:0RX bytes:39689 (38.7 KiB)  TX bytes:39689 (38.7 KiB)ppp0Link encap:Point-to-Point Protocolinet addr:192.168.9.100  P-t-P:192.168.140.128  Mask:255.255.255.255  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1496  Metric:1  RX packets:6 errors:0 dropped:0 overruns:0 frame:0  TX packets:6 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:3RX bytes:60 (60.0 b)  TX bytes:66 (66.0 b)ppp1Link encap:Point-to-Point Protocolinet addr:192.168.140.128  P-t-P:192.168.9.100  Mask:255.255.255.255  UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1496  Metric:1  RX packets:6 errors:0 dropped:0 overruns:0 frame:0  TX packets:6 errors:0 dropped:0 overruns:0 carrier:0  collisions:0 txqueuelen:3RX bytes:66 (66.0 b)  TX bytes:60 (60.0 b)
可以通过/var/log/message中的内容查看相关日志,如:
[[email protected] ~]# tail -f /var/log/messagesSep  6 04:01:08 localhost pppd[2907]: pppd 2.4.5 started by root, uid 0Sep  6 04:01:08 localhost pppd[2907]: Using interface ppp0Sep  6 04:01:08 localhost pppd[2907]: Connect: ppp0 <--> /dev/pts/2Sep  6 04:01:08 localhost pptp[2908]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activatedSep  6 04:01:08 localhost pptp[2916]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'Sep  6 04:01:08 localhost pptpd[2917]: CTRL: Client 192.168.49.133 control connection startedSep  6 04:01:08 localhost pptp[2916]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection ReplySep  6 04:01:08 localhost pptp[2916]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.Sep  6 04:01:09 localhost pptp[2916]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'Sep  6 04:01:09 localhost pptpd[2917]: CTRL: Starting call (launching pppd, opening GRE)Sep  6 04:01:09 localhost pptp[2916]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.Sep  6 04:01:09 localhost pptp[2916]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0, peer's call ID 128).Sep  6 04:01:09 localhost pppd[2918]: Plugin /usr/lib64/pptpd/pptpd-logwtmp.so loaded.Sep  6 04:01:09 localhost pppd[2918]: pppd 2.4.5 started by root, uid 0Sep  6 04:01:09 localhost pppd[2918]: Using interface ppp1Sep  6 04:01:09 localhost pppd[2918]: Connect: ppp1 <--> /dev/pts/3Sep  6 04:01:09 localhost pppd[2918]: peer from calling number 192.168.49.133 authorizedSep  6 04:01:09 localhost pppd[2907]: CHAP authentication succeededSep  6 04:01:09 localhost pppd[2918]: MPPE 128-bit stateless compression enabledSep  6 04:01:09 localhost pppd[2907]: MPPE 128-bit stateless compression enabledSep  6 04:01:09 localhost pppd[2918]: Cannot determine ethernet address for proxy ARPSep  6 04:01:09 localhost pppd[2918]: local  IP address 192.168.140.128Sep  6 04:01:09 localhost pppd[2918]: remote IP address 192.168.9.100Sep  6 04:01:09 localhost pppd[2907]: local  IP address 192.168.9.100Sep  6 04:01:09 localhost pppd[2907]: remote IP address 192.168.140.128Sep  6 04:01:11 localhost ntpd[1066]: Listen normally on 13 ppp0 192.168.9.100 UDP 123Sep  6 04:01:11 localhost ntpd[1066]: peers refreshed
二、Windows客户端

相对于Linux客户端,Windows客户端也是比较容易设置的,毕竟PPTP协议的提出也有微软的参与,所以这方面的支持是少不了的,下面在windows7上设置客户端连接PPTP VPN.

PPTP VPN客户端的安装及使用
在网络和共享中心,选择“设置新的连接或网络”

PPTP VPN客户端的安装及使用
选择“连接到工作区”

PPTP VPN客户端的安装及使用
选择“使用我的Ineternet连接(VPN)”

PPTP VPN客户端的安装及使用
输入Internet地址,这个地址是VPN Server的地址,一般是外网IP地址,因为客户端要能ping到这个地址,当然也可以通过端口映射的方式映射内网IP到公网,结果是一样的。

PPTP VPN客户端的安装及使用
输入PPTP VPN连接的用户名密码

PPTP VPN客户端的安装及使用
等待连接建立

PPTP VPN客户端的安装及使用
注册客户端

PPTP VPN客户端的安装及使用
连接成功

PPTP VPN客户端的安装及使用
查看连接信息,已经获取到IP地址,这里依然是服务器上设置的192.168.9.0/24段,至此,配置完成。
补充一点,如果自己要写脚本自动化ppp网络连接的开启或关闭,当然可以,不过ppp的工具包已经提供了相关的一些脚本,具体在/usr/share/doc/ppp-2.4.5/scripts/路径下。
[[email protected] scripts]# lltotal 96-rw-r--r-- 1 root root 5582 Nov 16  2009 autopppd-rw-r--r-- 1 root root 2301 Nov 16  2009 callback-rw-r--r-- 1 root root 2795 Nov 16  2009 chat-callbackdrwxr-xr-x 2 root root 4096 Sep  5 03:54 chatchat-rw-r--r-- 1 root root  603 Mar 16  2015 ip-down.local.add-rw-r--r-- 1 root root  818 Mar 16  2015 ip-up.local.add-rw-r--r-- 1 root root86 Nov 16  2009 options-rsh-loc-rw-r--r-- 1 root root92 Nov 16  2009 options-rsh-rem-rw-r--r-- 1 root root86 Nov 16  2009 options-ssh-loc-rw-r--r-- 1 root root92 Nov 16  2009 options-ssh-rem-rw-r--r-- 1 root root  146 Nov 16  2009 plog-rw-r--r-- 1 root root 2772 Nov 16  2009 poff-rw-r--r-- 1 root root  970 Nov 16  2009 pon-rw-r--r-- 1 root root 3604 Nov 16  2009 pon.1-rw-r--r-- 1 root root  967 Nov 16  2009 ppp-off-rw-r--r-- 1 root root 1641 Nov 16  2009 ppp-on-rw-r--r-- 1 root root  397 Nov 16  2009 ppp-on-dialer-rw-r--r-- 1 root root 2018 Mar 16  2015 ppp-on-rsh-rw-r--r-- 1 root root 2307 Mar 16  2015 ppp-on-ssh-rw-r--r-- 1 root root 6190 Nov 16  2009 README-rw-r--r-- 1 root root 2237 Nov 16  2009 redialer-rw-r--r-- 1 root root 2374 Mar 16  2015 secure-card
里面有一些初始即可用,有一些需要加一些个性化设置,不过都是些不错的脚本,值得借鉴。
本文出自 “IT小二郎” 博客,请务必保留此出处http://jerry12356.blog.51cto.com/4308715/1846912

以上是云栖社区小编为您精心准备的的内容,在云栖社区的博客、问答、公众号、人物、课程等栏目也有的相关内容,欢迎继续使用右上角搜索按钮进行搜索安装 , vpn , 使用 , pptp , 客户 ,以便于您获取更多的相关知识。