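I'm trying to set up a VPN server using pptpd, and I can't figure out which IP address range I should pass to its remoteip configuration option. I can connect to the VPN just fine, but when I try to make a request over the connection, it doesn't resolve.
Here is my pptpd.conf file: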
###############################################################################
# $Id$
#
# Sample Poptop configuration file /etc/pptpd.conf
#
# Changes are effective when pptpd is restarted.
###############################################################################

# TAG: ppp
#   Path to the pppd program, default '/usr/sbin/pppd' on Linux
#
#ppp /usr/sbin/pppd

# TAG: option
#   Specifies the location of the PPP options file.
#   By default PPP looks in '/etc/ppp/options'
#
option /etc/ppp/pptpd-options

# TAG: debug
#   Turns on (more) debugging to syslog
#
debug

# TAG: stimeout
#   Specifies timeout (in seconds) on starting ctrl connection
#
# stimeout 10

# TAG: noipparam
#   Suppress the passing of the client's IP address to PPP, which is
#   done by default otherwise.
#
#noipparam

# TAG: logwtmp
#   Use wtmp(5) to record client connections and disconnections.
#
logwtmp

# TAG: bcrelay <if>
#   Turns on broadcast relay to clients from interface <if>
#
#bcrelay eth1

# TAG: localip
# TAG: remoteip
#   Specifies the local and remote IP address ranges.
#
#   Any addresses work as long as the local machine takes care of the
#   routing.  But if you want to use MS-Windows networking, you should
#   use IP addresses out of the LAN address space and use the proxyarp
#   option in the pppd options file, or run bcrelay.
#
#   You can specify single IP addresses separated by commas or you can
#   specify ranges, or both. For example:
#
#       192.168.0.234,192.168.0.245-249,192.168.0.254
#
#   IMPORTANT RESTRICTIONS:
#
#   1. No spaces are permitted between commas or within addresses.
#
#   2. If you give more IP addresses than MAX_CONNECTIONS, it will
#      start at the beginning of the list and go until it gets
#      MAX_CONNECTIONS IPs. Others will be ignored.
#
#   3. No shortcuts in ranges! ie. 234-8 does not mean 234 to 238,
#      you must type 234-238 if you mean this.
#
#   4. If you give a single localIP, that's ok - all local IPs will
#      be set to the given one. You MUST still give at least one remote
#      IP for each simultaneous client.
#
# (Recommended)
localip 192.168.0.1
remoteip 192.168.0.170-180,192.168.0.245
# or
#localip 192.168.0.234-238,192.168.0.245
#remoteip 192.168.1.234-238,192.168.1.245

# Use Google's DNS
ms-dns 8.8.8.8
ms-dns 8.8.4.4
I was trying to follow this tutorial.
When I connect to the VPN and then try to ping, I get the following:
$ ping google.com
ping: cannot resolve google.com: Unknown host
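First, I suggest you drop PPTP, because it is likely insecure and should not be relied on for privacy, and, depending on the constraints of your network environment/client systems, replace it with OpenVPN or IPsec.
Knowing that, if you want to continue using PPTP:
Try pinging 8.8.8.8 to rule out a DNS problem.
If that doesn't work (and if you're forwarding all traffic through the VPN, which is a client-side option), you probably haven't enabled IPv4 forwarding in the kernel of your PPTP server (Linux, I'm assuming here).
To do so immediately: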
# sysctl -w net.ipv4.ip_forward=1
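Then, to make the configuration permanent, edit /etc/sysctl.conf, find the section that references net.ipv4.ip_forward, and un-comment it (remove the # at the start of the line).
If you have any firewall rules, check that masquerading/NAT traffic is allowed.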
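The two server-side checks from the answer above (persistent IPv4 forwarding and a NAT rule), as an added example that is not part of the original answer. The function names, the sample sysctl.conf and iptables-save text, and the eth0 interface are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline checks for the two settings the answer names.
# All sample input below is constructed, not taken from the asker's server.

# Effective net.ipv4.ip_forward value in sysctl.conf-style text on stdin.
# Comment lines (# or ;) are ignored and the last assignment wins.
# Prints "unset" when no active line sets the key.
forward_setting() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val) }
        END { print (val == "" ? "unset" : val) }
    '
}

# Succeeds if iptables-save text on stdin has a MASQUERADE or SNAT rule
# in the POSTROUTING chain of the nat table.
has_nat_rule() {
    awk '
        /^\*/ { table = $1 }
        table == "*nat" && /^-A POSTROUTING / && /-j (MASQUERADE|SNAT)/ { found = 1 }
        END { exit(found ? 0 : 1) }
    '
}

# $1 = sysctl.conf text, $2 = iptables-save text
report() {
    fwd=$(printf '%s\n' "$1" | forward_setting)
    if printf '%s\n' "$2" | has_nat_rule; then nat=yes; else nat=no; fi
    echo "ip_forward=$fwd nat_rule=$nat"
}

# Constructed sample: forwarding line still commented out.
SAMPLE_SYSCTL='# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter = 1'
SAMPLE_SYSCTL_FIXED='net.ipv4.ip_forward = 1'
# Constructed sample: NAT for the remoteip subnet, eth0 assumed as uplink.
SAMPLE_RULES='*filter
:FORWARD ACCEPT [0:0]
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
COMMIT'

report "$SAMPLE_SYSCTL" "$SAMPLE_RULES"
report "$SAMPLE_SYSCTL_FIXED" "$SAMPLE_RULES"
```

On a real server, feed the functions live data with `forward_setting < /etc/sysctl.conf` and `iptables-save | has_nat_rule` (the latter needs root).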
Ubuntu's pptpd package only supports the i386 architecture – I'm using the x86 version of Ubuntu.