raspberry pi下安装与设置pptp(1723)服务

文章作者：[email protected]
信息来源：邪恶八进制信息安全团队(www.eviloctal.com)

注：文章首发I.S.T.O信息安全团队，后由原创作者友情提交到邪恶八进制信息安全团队技术讨论组。I.S.T.O版权所有，转载需注明作者。

1、MPPE：
sudo modprobe ppp-compress-18

2、下载并安装PPTP服务包：
sudo -s //切换到root权限
apt-get update //更新系统
apt-cache search pptp //搜索与pptp相关的服务包
sudo apt-get install pptpd

3、设置配置文件：
sudo vi /etc/pptpd.conf //可以配置为同一网段,设置为不同网段需要配置NAT,iptables就可以实现
localip 192.168.2.1
remoteip 192.168.2.150-200

//NAT配置以允许VPN客户端连公网：
要使用NAT表时，必须首先载入相关模块:
sudo modprobe ip_tables //iptable_nat 模块会在运行时自动载入
//打开eth0网卡的NAT功能：
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
//sudo iptables -append FORWARD –in-interface eth0 –j ACCEPT
//保存iptables配置并开机自启动：
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"
sudo vi /etc/rc.local  //自动启动程序，在底部(在exit 0前)新增一行
iptables-restore < /etc/iptables.ipv4.nat
sudo iptables -L -n -t nat //查看iptables配置


sudo vi /etc/ppp/pptpd-options
ms-dns 192.168.1.1 //DNS服务器IP
nobsdcomp
noipx
mtu 1490
mru 1490

sudo vi /etc/ppp/chap-secrets  //设置验证用户名和口令，pt007/123456
pt007[按TAB键]*[TAB键]123456[TAB键]*

4、重启pptpd服务：
sudo service pptpd restart

5、配置允许转发forwarding：
sudo vi /etc/sysctl.conf
net.ipv4.ip_forward=1
sudo sysctl -p //应用改变
netstat -anp|grep 1723 //pptp端口开在1723

6、设置固定IP地址：
参见：D:/树莓派相关/文章收集/树莓派配置网络.mht
sudo vi /etc/network/interfaces
auto lo

iface lo inet loopback
#iface eth0 inet dhcp
iface eth0 inet static
address 192.168.1.186
netmask 255.255.255.0
gateway 192.168.1.1
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp


sudo vi /etc/resolv.conf //配置DNS
nameserver 192.168.1.1
nameserver 8.8.8.8
nameserver 210.73.64.1
nameserver 210.73.88.1

ping pt007.dnsdynamic.com

7、设置动态DNS解析：
http://www.dnsdynamic.org/  //登录并注册一个动态域名
https://www.dnsdynamic.org //[email protected]/12345
sudo apt-get install ddclient
An installation dialogue should appear.
When asked to select a Dynamic DNS service provider, choose “Other.”
It should ask for the name of the service provider. Enter “www.dnsdynamic.org”
On the next screen, select the “dyndns2” protocol.
Now, enter the username (email address) and password you used when you registered at dnsdynamic.org // [email protected]/12345

It, now, asks which network interface to use. If you are using the ethernet port on your Pi, enter “eth0”. If you have setup a usb wifi interface adapter, you may enter “wlan0”
Next, enter the domain you registered: “pt007.dnsdynamic.com”

Now, wait for the installation to complete. If you’re behind a router, ddclient will incorrectly associate your internal IP address with your dynamic DNS domain. You can verify this by going to dnsdynamic.org, log in, click manage, and edit your existing domain. Let’s fix that.
Edit ‘ddclient.conf’
sudo vi /etc/ddclient.conf
Find the line “use=if, if=eth0” and comment it (add a # in front).
Add the line “use=web, web=checkip.dyndns.org”
daemon=60
protocol=dyndns2
#use=if, if=eth0
use=web, web=myip.dnsdynamic.com
server=www.dnsdynamic.org
[email protected]
password='12345'
pt007.dnsdynamic.com

sudo service ddclient restart //重启ddclient
ping pt007.dnsdynamic.com
telnet pt007.dnsdynamic.com 1723 //建议在无线AP中进行配置，把树莓派所在的IP放到DMZ区中

https://www.dnsdynamic.org/api.php  //配置文件样例
//A simple example to update a domain using the API directly:
https://www.dnsdynamic.org/api/? ... mp;myip=1.202.69.13


8、配置pptp客户端连接：



        勾上这个通过VPN服务器来上公网。

        运行效果：