linux 不同网段pptp服务器的搭建

pptp服务器
内网eth0:192.168.0.10/24 (192.168.0.1是网关)
公网eth1:xxx.xxx.xxx.xxx
用户端拔pptp后分配的ip:192.168.3.0/24
用户未拔pptp前使用的ip:192.168.5.0/24

#yum install ppp libcap-devel libcap

#echo 1 >/proc/sys/net/ipv4/ip_forward
#wget http://nchc.dl.sourceforge.net/project/poptop/pptpd/pptpd-1.3.4/pptpd-1.3.4.tar.gz
#tar zxf pptpd-1.3.4.tar.gz
#cd pptpd-1.3.4
#./configure –prefix=/usr/local/pptpd –enable-bcrelay –with-libwrap
#make && make install
#cp pptpd-1.3.4/samples/pptpd.conf /etc/ppp/
#cp pptpd-1.3.4/samples/options.pptpd /etc/ppp/
#cp pptpd-1.3.4/samples/chap-secrets /etc/ppp/

#vim pptpd.conf
ppp /usr/sbin/pppd
option /etc/ppp/options.pptpd
#debug
# stimeout 10
# logwtmp
localip 客户端要访问的ip (pptp服务器ip )
remoteip 192.168.3.100-200 (用户端将分配的ip)
————————————————
#vim options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 114.114.114.114 (给客户端分配的dns)
proxyarp
#debug
dump
lock
nobsdcomp
novj
novjccomp
nologfd
————————————————
#vim chap-secrets
# client server secret IP addresses
#username pptpd password *

admin pptpd admin123 *
————————————————

iptables设置
iptables -A INPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A POSTROUTING -j MASQUERADE (关键)
iptables -A POSTROUTING -s 192.168.3.0/24 -j SNAT –to-source 公网ip (关键)

————————————————
路由设置
eth0设置
IPADDR=192.168.0.10
NETMASK=255.255.255.0 (内网不设网关)

eth1设置
IPADDR=XXX.XXX.XXX.XXX
NETMASK=XXX.XXX.XXX.XXX
GATEWAY=XXX.XXX.XXX.XXX (默认路由)
加路由
route add -net 192.168.5.0/24 gw 192.168.0.1
route add -net 192.168.3.0/24 gw 192.168.0.1