From 72cbf3bf63f1984b9213e9ea144d3ddb25bfb86e Mon Sep 17 00:00:00 2001 From: kev Date: Sun, 28 Jun 2015 17:28:32 +0800 Subject: [PATCH] update --- pptpd/README.md | 60 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 58 insertions(+), 2 deletions(-) diff --git a/pptpd/README.md b/pptpd/README.md index a960730..d390e1d 100644 --- a/pptpd/README.md +++ b/pptpd/README.md @@ -4,9 +4,20 @@ pptpd [![](https://badge.imagelayers.io/vimagick/pptpd:latest.svg)](https://imagelayers.io/?images=vimagick/pptpd:latest) The Point-to-Point Tunneling Protocol is a method for implementing virtual private networks. -PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. -## docker-compose.yml +`PPTP` uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. + +## directory tree + +``` +~/fig/pptpd/ +├── docker-compose.yml +├── pptpd.conf +├── pptpd-options +└── chap-secrets +``` + +file: docker-compose.yml ``` pptpd: @@ -19,10 +30,51 @@ pptpd: restart: always ``` +file: pptpd.conf + +``` +option /etc/ppp/pptpd-options +pidfile /var/run/pptpd.pid +localip 192.168.127.1 +remoteip 192.168.127.100-199 +``` + +file: pptpd-options + +``` +name pptpd +refuse-pap +refuse-chap +refuse-mschap +require-mschap-v2 +require-mppe-128 +proxyarp +nodefaultroute +lock +nobsdcomp +novj +novjccomp +nologfd +ms-dns 8.8.8.8 +ms-dns 8.8.4.4 +``` + +file: chap-secrets + +``` +# Secrets for authentication using CHAP +# client server secret IP addresses + +username * password * +``` + +> Please use strong password in `cha-secrets` file to protect your server. + ## server ``` $ modprobe nf_conntrack_pptp nf_nat_pptp +$ cd ~/fig/pptpd/ $ docker-compose up -d ``` @@ -32,3 +84,7 @@ You need to config firewall: - To let PPTP tunneled data to pass through router, `allow proto gre`. - Set `net.ipv4.ip_forward=1` - Set `DEFAULT_FORWARD_POLICY=ACCEPT` + +## client + +Connect PPTP server using `username:password` with `mppe-128` encyption.