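Installing a VPN on 64-bit CentOS 5.5: client connection fails with error 619
The client connection kept failing with error 619, and the server log showed the following: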
Mar 28 13:51:30 master pptpd[32614]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Mar 28 13:51:30 master pptpd[32614]: CTRL: Client 192.168.1.12 control connection finished
Mar 28 13:51:32 master pptpd[32616]: CTRL: Client 192.168.1.12 control connection started
Mar 28 13:51:32 master pptpd[32616]: CTRL: Starting call (launching pppd, opening GRE)
Mar 28 13:51:32 master pppd[32617]: /usr/lib/pptpd/pptpd-logwtmp.so: wrong ELF class: ELFCLASS32
Mar 28 13:51:32 master pppd[32617]: Couldn't load plugin /usr/lib/pptpd/pptpd-logwtmp.so
Mar 28 13:51:32 master pptpd[32616]: GRE: read(fd=6,buffer=8059680,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
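For a long time I could not work out the cause. Only today did I notice that the test environment is 64-bit, while the pptpd package I had installed was the 32-bit one. Once the cause was found, the fix was easy: download and install again. OK, it works normally now. The installation notes follow (the installation information comes from the internet and is slightly modified here. Save it as install.sh, set its permissions with chmod 777 install.sh, then run sh install.sh):
Notes:
1. The packages below are for a 64-bit environment. For a 32-bit environment, just swap the commented lines after ##32 and ##64.
2. localip is the IP of the VPN tunnel; remoteip is the range of IP addresses assigned to connecting clients.
3. Change the addresses after ms-dns to DNS servers that work at your location.
4. Each entry in chap-secrets holds a client's connection information, in this order: user name, service name, password, allowed IP. The service name is defined by name in options.pptpd and defaults to pptpd.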
##
mkdir -p /home/vpn_install
export SOURCE_DIR=/home/vpn_install
##ppp iptables
yum -y install ppp iptables
cd $SOURCE_DIR
##32
#wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.i386.rpm
##64
wget http://acelnmp.googlecode.com/files/pptpd-1.3.4-1.rhel5.1.x86_64.rpm
##32
#rpm -ivh pptpd-1.3.4-1.rhel5.1.i386.rpm
##64
rpm -ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm
##/etc/pptpd.conf
sed -i 's#option\ \/etc\/ppp#\#option\ \/etc\/ppp#' /etc/pptpd.conf
sed -i 's#logwtmp#\#logwtmp#' /etc/pptpd.conf
sed -i 's#localip#\#localip#' /etc/pptpd.conf
sed -i 's#remoteip#\#remoteip#' /etc/pptpd.conf
echo "option /etc/ppp/options.pptpd" >>/etc/pptpd.conf
echo "logwtmp" >>/etc/pptpd.conf
echo "localip 192.168.0.200" >>/etc/pptpd.conf
echo "remoteip 192.168.0.100-150" >>/etc/pptpd.conf
##/etc/ppp/options.pptpd
sed -i 's#\#\ name\ pptpd#name\ pptpd#' /etc/ppp/options.pptpd
sed -i 's#\#\ refuse-pap#refuse-pap#' /etc/ppp/options.pptpd
sed -i 's#\#\ refuse-chap#refuse-chap#' /etc/ppp/options.pptpd
sed -i 's#\#\ refuse-mschap#refuse-mschap#' /etc/ppp/options.pptpd
sed -i 's#\#\ require-mschap-v2#require-mschap-v2#' /etc/ppp/options.pptpd
sed -i 's#\#\ require-mppe-128#require-mppe-128#' /etc/ppp/options.pptpd
sed -i 's#\#\ proxyarp#proxyarp#' /etc/ppp/options.pptpd
sed -i 's#\#\ lock#lock#' /etc/ppp/options.pptpd
sed -i 's#\#\ nobsdcomp#nobsdcomp#' /etc/ppp/options.pptpd
sed -i 's#\#\ novj#novj#' /etc/ppp/options.pptpd
sed -i 's#\#\ novjccomp#novjccomp#' /etc/ppp/options.pptpd
sed -i 's#ms-dns#\#ms-dns#' /etc/ppp/options.pptpd
echo "ms-dns 61.139.2.69" >>/etc/ppp/options.pptpd
echo "ms-dns 202.98.96.68" >>/etc/ppp/options.pptpd
##/etc/ppp/chap-secrets
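mv /etc/ppp/chap-secrets /etc/ppp/chap-secrets.old
touch /etc/ppp/chap-secrets
# The file holds plaintext passwords; keep it readable by root only
chmod 600 /etc/ppp/chap-secrets
# Fields: user name, service name, password, allowed IP
echo "user pptpd 123456 *">>/etc/ppp/chap-secrets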
##/etc/sysctl.conf
sed -i 's#net.ipv4.ip_forward#\#net.ipv4.ip_forward#' /etc/sysctl.conf
echo "net.ipv4.ip_forward = 1">>/etc/sysctl.conf
sysctl -p
##iptables
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j MASQUERADE
iptables -I FORWARD -p tcp --syn -i ppp+ -j TCPMSS --set-mss 1356
/etc/init.d/iptables save
service iptables restart
##chkconfig
chkconfig pptpd on
chkconfig iptables on
##reboot
#reboot
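The "wrong ELF class: ELFCLASS32" line in the log above means pppd was asked to load a plugin built for a different word size. The following check reads the EI_CLASS byte of two ELF files and compares them, so the mismatch can be caught right after rpm -ivh. It is an added example, not part of the original install.sh; the script name check_elf.sh and the pppd location /usr/sbin/pppd are assumptions.

```shell
#!/bin/sh
# Added example (not part of the original install.sh).
# Compares the ELF class of pppd with that of a plugin it is asked to load.

# Print 32 or 64 for an ELF file; return 1 if it is not ELF, 2 if unreadable.
elf_class() {
    [ -r "$1" ] || return 2
    # Bytes 0-3 are the magic 7f 'E' 'L' 'F'; byte 4 (EI_CLASS) is
    # 01 for ELFCLASS32 and 02 for ELFCLASS64.
    hdr=$(od -An -tx1 -N5 "$1" 2>/dev/null | tr -d ' \n')
    case $hdr in
        7f454c4601) echo 32 ;;
        7f454c4602) echo 64 ;;
        *) return 1 ;;
    esac
}

# Return 0 if both files share an ELF class, 1 on mismatch,
# 2 if either file is unreadable or not ELF.
same_elf_class() {
    a=$(elf_class "$1") || return 2
    b=$(elf_class "$2") || return 2
    [ "$a" = "$b" ]
}

# Direct use, for example:
#   sh check_elf.sh /usr/sbin/pppd /usr/lib/pptpd/pptpd-logwtmp.so
# (/usr/sbin/pppd is an assumed location; the plugin path is the one in the log.)
if [ $# -eq 2 ]; then
    rc=0
    same_elf_class "$1" "$2" || rc=$?
    case $rc in
        0) echo "OK: $1 and $2 have the same ELF class" ;;
        1) echo "MISMATCH: $1 is $(elf_class "$1")-bit, $2 is $(elf_class "$2")-bit" ;;
        *) echo "ERROR: could not read an ELF header from one of the files" ;;
    esac
    exit "$rc"
fi
```

Exit status 1 from this check corresponds to the condition that made pppd terminate and the client report error 619.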