FREEBSD 下VPN的安装配置

目标: 达到使用Windows 2000/XP进行VPN拨号连接, 软件选用mpd

1 mpd的安装
通过ports安装mpd

# cd /usr/ports/net/mpd
# make all install clean
   

2 mpd的配置
VPN配置文件有mpd.conf, mpd.links, mpd.secret

/usr/local/etc/mpd/mpd.conf配置如下:

default:
    load vpn
vpn:
    new -i ng1 vpn vpn
    set iface disable on-demand
    set iface addrs 192.168.0.1
    set iface idle 0
    set iface route 192.168.0.0/24
    set bundle disable multilink
    set bundle authname "VpnLogin"
    set bundle password "VpnPassword"
    set link yes acfcomp protocomp
    set link no pap
    set link yes chap
    set link mtu 1460
# If remote machine is NT you need this..
#   set link enable no-orig-auth
    set link keep-alive 10 75
    set ipcp yes vjcomp
    set ipcp ranges 192.168.0.1/32 192.168.0.254/32
#
# The five lines below enable Microsoft Point-to-Point encryption
# (MPPE) using the ng_mppc(8) netgraph node type.
#
    set bundle enable compression
    set ccp yes mppc
    set ccp yes mpp-e40
    set ccp yes mpp-e128
    set bundle enable crypt-reqd
    set ccp yes mpp-stateless
    open
   

/usr/local/etc/mpd/mpd.links配置如下:

vpn:
        set link type pptp
        set pptp self 192.168.0.1
#        set pptp peer 2.3.4.5
        set pptp enable originate incoming outcall
   

/usr/local/etc/mpd/mpd.secret是用户的帐号和密码:

jerry      "11111111"
emma            "88888888"
test        "test"      192.168.0.254      
   

/usr/local/etc/rc.d/mpd.sh

#! /bin/sh
case $1 in
start)
    [ -x /usr/local/sbin/mpd ] && \
        [ -f "/usr/local/etc/mpd/mpd.conf" ] && \
        /usr/local/sbin/mpd -b && \
        echo -n ' mpd'
    ;;
stop)
    killall mpd && echo -n ' mpd'
    ;;
*)
    echo "Usage: `basename $0` {start|stop}" <&2
    exit 64
    ;;
esac
exit 0
   

使用`mpd.sh start'启动, 在另一台WinXP上添加网络连接, 使用VPN, 输入用户和密码及主机地址就可以连上了。