quinta-feira, 26 de agosto de 2010

FreeBSD PPTP VPN

1. Instale o PoPtop usando o Ports


[root]# cd /usr/ports/net/poptop
[root]# make install clean


2. Edite os arquivos de Configuração


** Os exemplos abaixo usam a minha rede local, 192.168.0.0/24. Altere os endereços conforme a sua necessidade.


/usr/local/etc/pptpd.conf
----------------------------------------------------------------
# Verbose logging from pptpd; useful while setting up, consider removing it
# once the service works.
debug
# NOTE(review): nobsdcomp, proxyarp, +chapms-v2, mppe-* and ms-wins look like
# pppd options rather than pptpd.conf keywords. On this page the PPP
# negotiation settings live in the "pptp" label of /etc/ppp/ppp.conf -
# confirm whether pptpd acts on these lines at all.
nobsdcomp
proxyarp
# Address used for the server end of each tunnel.
localip 192.168.0.1
# Pool handed to clients. It sits inside the LAN subnet, so keep it clear of
# any addresses assigned by DHCP or statically - TODO confirm for your network.
remoteip 192.168.0.10-20
pidfile /var/run/pptpd.pid
+chapms-v2
# NOTE(review): if these lines are honoured, mppe-40 permits 40-bit keys next
# to mppe-128; drop it unless a legacy client requires it.
mppe-40
mppe-128
mppe-stateless
ms-wins 192.168.0.1


/etc/ppp/ppp.conf
---------------------------------------------------------------
# "loop" label: base settings that the "pptp" label pulls in with "load loop".
loop:
    # 0 disables the idle timer, so idle sessions are never dropped.
    set timeout 0
    set log phase chat connect lcp ipcp command
    # NOTE(review): the "pptp" label issues its own "set device" after loading
    # this label, so this value is presumably superseded - confirm.
    set device localhost:pptp
    # No arguments: leave the dial and login scripts empty.
    set dial
    set login
    # Server (local) IP address, Range for Clients, and Netmask
    # if you want to use NAT use private IP addresses
    set ifaddr 192.168.0.1 192.168.0.10-192.168.0.20 255.255.255.0
    # NOTE(review): asks for a default route via the peer address, which is
    # typical of a client profile - confirm it is wanted on the server.
    add default HISADDR
    # Diagnostic socket at /tmp/loop with an empty password ("") and umask
    # 0177. With no password, the socket file's owner and mode are the only
    # access control, and /tmp is world-writable; a path in a root-only
    # directory is the safer choice.
    set server /tmp/loop "" 0177


# "loop-in" label: profile named on the command line in /etc/ppp/secure
# ("ppp -direct loop-in").
loop-in:
    # 0 disables the idle timer.
    set timeout 0
    set log phase lcp ipcp command
    # Only allow this label to be used in -direct mode.
    allow mode direct




# "pptp" label: profile for incoming PPTP clients.
pptp:
    load loop
    # Do not ask the peer to authenticate with PAP (cleartext password).
    disable pap
    # NOTE(review): per ppp(8), passwdauth only lets the PAP code fall back to
    # the system password database. With PAP disabled above and MSChapV2
    # enabled below, credentials presumably come from /etc/ppp/ppp.secret
    # rather than /etc/passwd - confirm.
    enable passwdauth
    disable ipv6cp
    # Answer ARP on the LAN on behalf of the connected peer.
    enable proxy
    accept dns
    # NOTE(review): MS-CHAPv2 and MPPE have well-documented cryptographic
    # weaknesses, and a captured handshake can be attacked offline. Use long
    # random secrets and do not rely on this tunnel alone to protect sensitive
    # traffic. No "set mppe" line is present, so the key size is presumably
    # left to negotiation - ppp(8) documents "set mppe" for pinning it.
    enable MSChapV2
    enable mppe
    # Turn off deflate and Predictor-1 compression in both directions.
    disable deflate pred1
    deny deflate pred1
    # DNS server offered to clients. 8.8.8.8 is a public resolver, so client
    # lookups leave the network and internal names will not resolve through it.
    set dns 8.8.8.8
    # A leading "!" makes ppp run the named program as the device. Keep
    # /etc/ppp/secure root-owned and not writable by anyone else.
    set device !/etc/ppp/secure


/etc/ppp/secure
---------------------------------------------------------------
#!/bin/sh
# Wrapper run by ppp through "set device !/etc/ppp/secure" in the "pptp"
# label. It must be executable; keep it root-owned and not writable by other
# users, since whatever it contains runs for every incoming connection.
# exec replaces this shell with ppp in -direct mode using the "loop-in" label.
exec /usr/sbin/ppp -direct loop-in


/etc/ppp/ppp.secret
---------------------------------------------------------------
# user  password
# Secrets are stored here in cleartext: keep the file root-owned and readable
# by root only (mode 0600). "password" below is a placeholder - use a long,
# random, distinct secret for each user.
user1 password
user2 password




3. Ative o IP Forwarding


[root]# sysctl net.inet.ip.forwarding=1


   /etc/rc.conf
   gateway_enable="YES"
   arpproxy_all="YES"
   pptpd_enable="YES"


4. Reboot
   
Verifique se o pptpd iniciou com êxito e está escutando na porta 1723:
[root]# netstat -a -n
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN


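O PPTP usa a porta TCP 1723 para o canal de controle; os dados do túnel trafegam em GRE (protocolo IP 47), que também precisa ser liberado no firewall.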
