AMAZON EC2 pptp vpn

2012.11.9

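As everyone knows, a basic skill we need when living in TianChao is getting over the wall. Usually you can consider goagent, free VPNs, free HTTP proxies and so on, but the most stable option is certainly a VPN on your own dedicated server. This article describes how to set up a pptp vpn server on Ubuntu 12.04, for iPhone, Mac, Windows and any other device that can connect to a VPN over the pptp protocol.

Note that the machine acting as the server must be located abroad (or inside the country but somewhere without monitoring and DNS pollution), otherwise it will not work. This article uses AWS EC2 (if you are not familiar with it, please google it).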

#### Install the PPTP server

	sudo apt-get update
	sudo apt-get install pptpd

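#### Configure the PPTP server

# Use an editor you are familiar with, such as vi, or a graphical management tool such as winscp, to edit
	sudo vi /etc/pptpd.conf
# Find the following lines:
	#localip 192.168.0.1
	#remoteip 192.168.0.234-238,192.168.0.245
# Replace them with the following (choose the subnet to suit your needs; the two lines are the VPN server's IP and the range of IPs handed to VPN clients after they connect):
	localip 192.168.117.1
	remoteip 192.168.117.2-20,192.168.117.244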

# Add a PPTP VPN user
# Edit
	sudo vi /etc/ppp/chap-secrets
# Add the following line:
	username pptpd password *
# where username is the user name of the VPN account you are adding and password is the password of that VPN account.

# Change the DNS servers
# Edit
	sudo vi /etc/ppp/pptpd-options
# Add the following lines:
	ms-dns 8.8.8.8
	ms-dns 8.8.4.4

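# Enable IPv4 forwarding
# Edit
	sudo vi /etc/sysctl.conf
# Remove the comment marker # in front of net.ipv4.ip_forward=1
# Run the following command so that the configuration change takes effect:
	sudo sysctl -p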

# Restart the pptpd service
	sudo /etc/init.d/pptpd restart

# Install iptables (skip this if it is already installed)
	sudo apt-get install iptables

# Enable forwarding in iptables (eth0 is the Internet-facing interface, and 192.168.117.0/24 is the subnet to be used, the same as the one set in step 2)
	sudo iptables -t nat -A POSTROUTING -s 192.168.117.0/24 -o eth0 -j MASQUERADE

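# If you want this to take effect automatically after every reboot, consider the following steps
# First edit the following file with vi
	sudo vi /etc/rc.local
# Add the following command
	iptables -t nat -A POSTROUTING -s 192.168.117.0/24 -o eth0 -j MASQUERADE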

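# ufw (Ubuntu 12.04 already ships with a firewall called ufw, which is disabled by default): if you have enabled ufw, the following setting is needed to allow pptp to forward packets
# Edit with vi and change "DEFAULT_FORWARD_POLICY" from "DROP" to "ACCEPT"
	sudo vi /etc/default/ufw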

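### Finally (if your server is protected by another firewall, remember to open TCP port 1723 so that the pptp service can get through. For example, on an Amazon AWS EC2 instance you need to open port 1723 in Security Groups)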

	sudo reboot

# I believe you can now get on youtube and so on..

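# By the way, VPS providers differ in what their virtual network interfaces can do. On vps.net, for example, the iptables setting above does not work and has to be changed to
	sudo iptables -t nat -A POSTROUTING -s 192.168.117.0/24 -o eth0 -j SNAT --to-source xxx.xxx.xxx.xxx
# where xxx.xxx.xxx.xxx is the IP address of your VPN server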
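
An added example (not part of the original post): a small shell audit of the files this guide edits. It checks that the NAT rule in rc.local covers the same /24 as the address pool in pptpd.conf, that ip_forward is active, and that chap-secrets, which stores the VPN passwords in cleartext, is not accessible to group or other. The function names, the root-prefix argument and the sample tree are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audits the files this guide edits. Pass a root prefix to audit a
# copy of /etc (assumed layout: same paths under the prefix); "" means the live system.

conf_prefix() {  # $1 = localip|remoteip, $2 = pptpd.conf; prints the first three octets
    awk -v k="$1" '$1 == k { split($2, o, "."); print o[1] "." o[2] "." o[3]; exit }' "$2"
}

audit_pptp() {  # prints one FAIL line per finding; returns 0 only if there are none
    root=$1; rc=0
    lp=$(conf_prefix localip "$root/etc/pptpd.conf")
    rp=$(conf_prefix remoteip "$root/etc/pptpd.conf")
    if [ -z "$lp" ] || [ "$lp" != "$rp" ]; then
        echo "FAIL: localip and remoteip are unset or not in the same /24"; rc=1
    fi
    # The NAT rule persisted in rc.local must name the same /24 as the client pool.
    if ! grep -E '^[[:space:]]*iptables .*POSTROUTING' "$root/etc/rc.local" |
            grep -Fq -- "-s $rp.0/24 "; then
        echo "FAIL: no POSTROUTING rule for $rp.0/24 in rc.local"; rc=1
    fi
    # A still-commented ip_forward line means clients connect but nothing is routed.
    if ! grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' \
            "$root/etc/sysctl.conf"; then
        echo "FAIL: net.ipv4.ip_forward=1 is not active in sysctl.conf"; rc=1
    fi
    # chap-secrets holds cleartext passwords: group/other must have no access.
    if [ "$(ls -ld "$root/etc/ppp/chap-secrets" | cut -c5-10)" != "------" ]; then
        echo "FAIL: chap-secrets is accessible to group or other"; rc=1
    fi
    return $rc
}

make_sample() {  # constructed sample tree holding this guide's values; prints its path
    d=$(mktemp -d) && mkdir -p "$d/etc/ppp" || return 1
    printf 'localip 192.168.117.1\nremoteip 192.168.117.2-20,192.168.117.244\n' > "$d/etc/pptpd.conf"
    printf 'username pptpd password *\n' > "$d/etc/ppp/chap-secrets"
    chmod 600 "$d/etc/ppp/chap-secrets"
    printf 'net.ipv4.ip_forward=1\n' > "$d/etc/sysctl.conf"
    printf 'iptables -t nat -A POSTROUTING -s 192.168.117.0/24 -o eth0 -j MASQUERADE\nexit 0\n' > "$d/etc/rc.local"
    echo "$d"
}

sample=$(make_sample)
audit_pptp "$sample" && echo "sample tree: OK"
rm -rf "$sample"
```

On the server itself, call `audit_pptp ""` to check the live /etc.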

Below are my own ping tests; they basically show that the Singapore host is the best fit for us.

##################################(Jiangsu,time(12:39))----ping---->
(1)US East(N.Virginia)
	11 packets transmitted, 11 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 317.290/322.619/324.962/2.000 ms
(2)Sydney
	11 packets transmitted, 6 packets received, 45.5% packet loss
	round-trip min/avg/max/stddev = 294.606/299.774/304.150/3.461 ms
(3)US WEST
	13 packets transmitted, 13 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 166.236/167.127/169.265/0.738 ms
(4)Tokyo
	13 packets transmitted, 12 packets received, 7.7% packet loss
	round-trip min/avg/max/stddev = 467.675/478.487/486.440/6.229 ms
(5)singapore # best #  after February 2013 the ping to the Singapore host went up to 200, sigh..
	33 packets transmitted, 33 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 80.997/122.790/189.679/32.634 ms
()Linode US WEST
	12 packets transmitted, 12 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 168.458/169.068/169.640/0.301 ms

##################################(Jiangsu,time(14:23))----ping---->
(1)US East(N.Virginia)
	19 packets transmitted, 19 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 319.509/321.464/323.474/1.146 ms
(2)Sydney
	12 packets transmitted, 10 packets received, 16.7% packet loss
	round-trip min/avg/max/stddev = 293.089/298.841/304.362/3.678 ms
(3)US WEST
	12 packets transmitted, 12 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 165.934/169.266/196.181/8.132 ms
(4)Tokyo
	13 packets transmitted, 12 packets received, 7.7% packet loss
	round-trip min/avg/max/stddev = 476.845/487.738/496.054/5.963 ms
(5)singapore # best #  after February 2013 the ping to the Singapore host went up to 200, sigh..
	19 packets transmitted, 19 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 77.451/78.269/79.118/0.420 ms
()Linode US WEST
	10 packets transmitted, 10 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 211.253/221.108/230.689/4.175 ms

##################################(Jiangsu,time(20:03))----ping---->
(1)US East(N.Virginia)
	10 packets transmitted, 10 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 320.087/321.430/323.464/1.070 ms
(2)Sydney
	10 packets transmitted, 8 packets received, 20.0% packet loss
	round-trip min/avg/max/stddev = 290.468/297.441/305.830/4.740 ms
(3)US WEST
	10 packets transmitted, 7 packets received, 30.0% packet loss
	round-trip min/avg/max/stddev = 360.769/367.320/373.894/4.108 ms
(4)Tokyo
	10 packets transmitted, 10 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 525.706/536.940/565.172/12.491 ms
(5)singapore # best # after February 2013 the ping to the Singapore host went up to 200, sigh..
	10 packets transmitted, 10 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 77.986/78.439/79.322/0.406 ms
()Linode US WEST
	10 packets transmitted, 10 packets received, 0.0% packet loss
	round-trip min/avg/max/stddev = 251.263/261.108/269.689/6.275 ms