
VPN Bagian 1

Posted by nubsolutions on April 29, 2009

OS: FC9

########SISI SERVER##########
[root@vpn ~]# rpm -qa | grep pptp
pptp-1.7.1-4.fc9.i386
pptpd-1.3.4-1.fc9.1.i386

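Install pptpd
Catatan: paket diunduh lewat HTTP biasa, dan peringatan NOKEY pada output rpm di bawah berarti tanda tangan paket tidak diverifikasi karena kunci GPG penandatangannya belum diimpor. Sebaiknya impor kuncinya dengan `rpm --import` lalu periksa paket dengan `rpm -K` sebelum menjalankan `rpm -ivh`.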
[root@localhost Download]# wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-1.fc9.1.i386.rpm
–2009-04-06 15:44:30– http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-1.fc9.1.i386.rpm
Resolving poptop.sourceforge.net… 216.34.181.96
Connecting to poptop.sourceforge.net|216.34.181.96|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 83410 (81K) [application/x-rpm]
Saving to: `pptpd-1.3.4-1.fc9.1.i386.rpm’

100%[======================================>] 83,410 83.7K/s in 1.0s

2009-04-06 15:44:33 (83.7 KB/s) – `pptpd-1.3.4-1.fc9.1.i386.rpm’ saved [83410/83410]

[root@localhost Download]# ls
pptpd-1.3.4-1.fc9.1.i386.rpm
[root@localhost Download]# rpm -ivh pptpd-1.3.4-1.fc9.1.i386.rpm
warning: pptpd-1.3.4-1.fc9.1.i386.rpm: Header V3 DSA signature: NOKEY, key ID 862acc42
Preparing… ########################################### [100%]
1:pptpd ########################################### [100%]
[root@localhost Download]# rpm -qa | grep ppt
pptpd-1.3.4-1.fc9.1.i386

cari module ppp

[root@localhost Download]# wget ftp://fr2.rpmfind.net/linux/fedora/updates/9/x86_64.newkey/ppp-devel-2.4.4-7.fc9.i386.rpm
–2009-04-06 15:58:30– ftp://fr2.rpmfind.net/linux/fedora/updates/9/x86_64.newkey/ppp-devel-2.4.4-7.fc9.i386.rpm
=> `ppp-devel-2.4.4-7.fc9.i386.rpm’
Resolving fr2.rpmfind.net… 195.220.108.108
Connecting to fr2.rpmfind.net|195.220.108.108|:21… connected.
Logging in as anonymous … Logged in!
==> SYST … done. ==> PWD … done.
==> TYPE I … done. ==> CWD /linux/fedora/updates/9/x86_64.newkey … done.
==> SIZE ppp-devel-2.4.4-7.fc9.i386.rpm … 45215
==> PASV … done. ==> RETR ppp-devel-2.4.4-7.fc9.i386.rpm … done.
Length: 45215 (44K)

100%[=======================================>] 45,215 29.4K/s in 1.5s

2009-04-06 15:58:36 (29.4 KB/s) – `ppp-devel-2.4.4-7.fc9.i386.rpm’ saved [45215]

[root@localhost Download]# ls
ppp-devel-2.4.4-7.fc9.i386.rpm pptpd-1.3.4-1.fc9.1.i386.rpm
[root@localhost Download]# ls -la
total 144
drwxr-xr-x 2 mis mis 4096 2009-04-06 15:58 .
drwx------ 26 mis mis 4096 2009-04-06 14:48 ..
-rw-r--r-- 1 root root 45215 2009-04-06 15:58 ppp-devel-2.4.4-7.fc9.i386.rpm
-rw-r--r-- 1 root root 83410 2008-05-15 04:49 pptpd-1.3.4-1.fc9.1.i386.rpm
[root@localhost Download]# rpm -ivh ppp-devel-2.4.4-7.fc9.i386.rpm
warning: ppp-devel-2.4.4-7.fc9.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6df2196f
Preparing… ########################################### [100%]
1:ppp-devel ########################################### [100%]
[root@localhost Download]#

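Edit pptpd.conf
Catatan: di daftar opsi di bawah hanya terlihat `+chap` dan tidak ada opsi MPPE; jika /etc/ppp/options.pptpd juga tidak mewajibkannya, lalu lintas tunnel tidak dienkripsi. pppd menyediakan opsi `require-mschap-v2` dan `require-mppe-128` untuk mewajibkan enkripsi.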
[root@vpn etc]# vi /etc/pptpd.conf
name *
auth
+chap
ms-dns 200.x.x.x
proxyarp
debug
lock
nobsdcomp
novjccomp
nologfd
ppp /usr/sbin/pppd
option /etc/ppp/options.pptpd
debug
logwtmp
localip 202.x.x.x
remoteip 10.10.1.150-155

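Edit user akses
Catatan: pada contoh di bawah secret sama dengan nama user dan kolom IP `*` menerima alamat mana saja. Untuk pemakaian nyata gunakan secret yang kuat dan berbeda untuk tiap user, dan batasi hak baca file ini hanya untuk root karena secret disimpan sebagai teks biasa.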
[root@vpn ppp]# vi chap-secrets
# Secrets for authentication using CHAP
# client server secret IP addresses
hr * hr *
ra * ra *

Cek status SELinux dari command line. SELinux dinonaktifkan di sini untuk melokalisir masalah, yaitu memastikan fungsi VPN benar-benar jalan.
# cat /selinux/enforce

jika nilai 1 berarti aktif
jika nilai 0 berarti tidak aktif

untuk disable

#echo 0 >/selinux/enforce

untuk enable

#echo 1 >/selinux/enforce

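Jika ingin secara permanen, buka file /etc/selinux/config

Pada bagian SELINUX=enforcing, ganti nilainya menjadi disabled. Nilai `permissive` juga tersedia: SELinux tidak memblokir tetapi tetap mencatat pelanggaran kebijakan, sehingga aturan yang menghalangi pptpd bisa ditemukan tanpa mematikan SELinux sepenuhnya.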

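Bila masih belum bisa login juga, izinkan layanan VPN di dalam firewall (PPTP memakai TCP port 1723 untuk koneksi kontrol dan protokol GRE, IP protocol 47, untuk data), atau matikan dulu firewall untuk sementara guna memastikan VPN sudah berjalan dengan benar, lalu aktifkan kembali setelah pengujian.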

Aktivasi IP Forwarding
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1

jika ingin aktifasi langsung
[root@localhost sbin]# /sbin/sysctl -w net.ipv4.ip_forward=1

#########MONITORING##############
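[root@vpn etc]# ps ax | grep pptp*
3218 pts/0 R+ 0:00 grep pptpd.conf
Catatan: pola `pptp*` tidak dikutip, sehingga shell mengembangkannya menjadi nama file pptpd.conf di direktori kerja (etc) sebelum grep dijalankan; itu sebabnya output di atas hanya menampilkan proses grep itu sendiri. Kutip polanya, misalnya `ps ax | grep '[p]ptpd'`, agar yang dicari benar-benar proses pptpd.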

LOG Authentikasi VPN User jika berhasil

Oct 11 16:01:25 vpn pptpd[20519]: CTRL: Client 202.136.x.x control connection started
Oct 11 16:01:25 vpn pptpd[20519]: CTRL: Starting call (launching pppd, opening GRE)
Oct 11 16:01:25 vpn pppd[20522]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Oct 11 16:01:25 vpn pppd[20522]: pptpd-logwtmp: $Version$
Oct 11 16:01:25 vpn pppd[20522]: pppd 2.4.4 started by root, uid 0
Oct 11 16:01:25 vpn pppd[20522]: Using interface ppp0
Oct 11 16:01:25 vpn pppd[20522]: Connect: ppp0 /dev/pts/1
Oct 11 16:01:25 vpn pptpd[20519]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Oct 11 16:01:25 vpn pppd[20522]: found interface eth1 for proxy arp
Oct 11 16:01:25 vpn pppd[20522]: local IP address 202.x.x.x
Oct 11 16:01:25 vpn pppd[20522]: remote IP address 10.10.1.150
Oct 11 16:01:25 vpn pppd[20522]: pptpd-logwtmp.so ip-up ppp0 hr 202.136.x.x

########SISI CLIENT##########
