ppp & pptpd installation on cpanel


ppp & pptpd installation on cpanel


PPTP
A very basic VPN protocol based on PPP. PPTP was the first VPN protocol supported on the Microsoft Windows platform. The PPTP specification does not actually describe encryption or authentication features and relies on the PPP protocol being tunneled to implement security functionality.

L2TP/IPSec
Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself; it relies on an encryption protocol that it passes within the tunnel to provide privacy.

OpenVPN
OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol[2] that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls.

Please refer the following article about PPTP vs L2TP vs OpenVPN.

http://www.ivpn.net/knowledgebase/62/PPTP-vs-L2TP-vs-OpenVPN.html

Install ppp & pptpd on your cpanel server.

ppp and poptop should be need to install the VPN server.

yum install ppp

Goto http://poptop.sourceforge.net/yum/stable/ and download pptpd rpm as per your OS architecture.

wget http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/pptpd-1.3.4-2.el6.x86_64.rpm

rpm -ivh pptpd-1.3.4-2.el6.x86_64.rpm

Open your pptpd.conf configuration file after installation completed.

vi /etc/pptpd.conf

End of the file add the following entries

localip 10.22.222.1
remoteip 10.22.222.22-122

Local IP will be assigned to the ppp interface, and the Remote IP range is the range of IPs that will be assigned to VPN clients.

Next open the /etc/ppp/options.pptpd file

vi /etc/ppp/options.pptpd

Go to the ms-dns lines, add google DNS or your ISPs DNS servers.

ms-dns 46.235.8.8
ms-dns 46.235.9.9

open the file /etc/ppp/chap-secrets to add some users

client        server  secret                  IP addresses
vpnuser1     pptpd randompass1 *
vpnuser2     pptpd randompass2 *

Change vpnuserX and randompassX to anything you like. Also if your clients have a static IP you can enter it instead of the * so that the particular VPN user will only be able to login from the specified IP.

Enable IP forwarding

open /etc/sysctl.conf

net.ipv4.ip_forward. Set it to 1

Firewall

Update the following configuration in your CSF firewall /etc/csf.

vi csfpre.sh

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
iptables -A OUTPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT

vi csfpost.sh

service pptpd stop
service pptpd start

Restart CSF firewall.

csf -r

Thants all….

Bu cevap yeterince yardımcı oldu mu?

Diğer Dökümanlar


  • What is cPanel and how to access it?

    CPanel is a fully featured web-based control panel that allows you to manage your domain through a web interface. cPanel gives you complete control over a vast amount of functions, streamlining...

  • CloudFlare Plugin install on cpanel

    CloudFlare is a performance and security service. With 14 points of presence around the world, a website on CloudFlare typically loads twice as fast, uses 65% less server resources, saves 60% of...

  • Enable Cronjob in cpanel and examples

    What is cron? It is the scheduling daemon of the Linux operating system Cron jobs allow you to automate repetitive tasks on the server that hosts your web site. This is a powerful tool that allows...

  • What is Anonymous FTP and how to enable it

    Anonymous FTP allows you and others that you give permission to, to access your “public_ftp” folder. There are two options available: 1. ftp://ftp.yourdomain.com –This allows...

  • Unable to connect cpanel using IP/whm and IP/cpanel

    If cpanel cannot be accessed using IP/whm and IP/cpanel, but can be accessed using IP:2086 and IP:2082, then here goes the solution for the same. The reason for this issue due to missing some...