Your SlideShare is downloading. ×
FreeBSD VPN Server
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

FreeBSD VPN Server

632
views

Published on

a tutorial guide explaining how to install FreeBSD as a VPN server, an experience at IMTelkom (http://www.imtelkom.ac.id)

a tutorial guide explaining how to install FreeBSD as a VPN server, an experience at IMTelkom (http://www.imtelkom.ac.id)

Published in: Education, Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
632
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
22
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id)Instalasi VPN Server : MPDMPD (Multi Protocol Daemon) adalah aplikasi untuk VPN server yang bisamengakomodasi Microsoft Dial Up (PPTP, Point to Point Tunelling Protocol)sehingga user yang menggunakan platform Microsoft Windows bisa membuat VPNDial Up dan terkoneksi secara virtual dengan suatu LAN intranet.Instalasi MPD dilakukan dengan :# cd /usr/ports/net/mpd# make install clean……… <tunggu sampai selesai> ………MPD membutuhkan 3 file konfigurasi yg ada di /usr/local/etc/mpd :# ls -l /usr/local/etc/mpdtotal 198-rw------- 1 root wheel 27131 Jun 28 15:30 mpd.conf-rw------- 1 root wheel 29354 Jun 28 15:24 mpd.links-rw------- 1 root wheel 82641 Jun 28 15:24 mpd.secret# cat /usr/local/etc/mpd/mpd.confdefault: load pptp2 load pptp3………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>………dialin: new -i ng1 dialin dlink set iface addrs 172.16.3.1 172.16.3.2 set iface idle 900 set ipcp ranges 172.16.3.1/32 172.16.3.2/32 set ipcp dns 202.134.2.5  sesuaikan dengan IP DNS Server yg akan di-assign ke semua client set ipcp yes vjcomp set link enable chap pap set link disable pap set link deny chap pap set link yes acfcomp protocomp set modem idle-script AnswerCall set modem speed 57600pptp: set iface disable on-demand set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp dns 202.134.2.5  sesuaikan dengan IP DNS Server yg akan di-assign ke semua client set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e56 set ccp yes mpp-e128 set ccp yes mpp-stateless set ecp yes despptp2: new -i ng2 pptp2 pptp2 load pptp
  • 2. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) set ipcp ranges 172.16.1.1/32 172.16.2.2/16pptp3: new -i ng3 pptp3 pptp3 load pptp set ipcp ranges 172.16.1.1/32 172.16.2.3/16………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>………vpn: new -i ng1 vpn vpn set iface disable on-demand set iface addrs 192.168.1.1 192.168.2.1 set iface idle 0 set iface route 192.168.2.0/24 set bundle disable multilink set bundle authname "VpnLogin" set bundle password "VpnPassword" set link yes acfcomp protocomp set link no pap set link yes chap set link keep-alive 10 75 set ipcp yes vjcomp set ipcp ranges 192.168.1.1/32 192.168.2.1/32 openPPPoE: new -i ng0 PPPoE PPPoE set iface addrs 1.1.1.1 2.2.2.2 set iface route default set iface disable on-demand set iface idle 0 set bundle disable multilink set bundle authname MyLogin set link no acfcomp protocomp set link disable pap chap set link accept chap set ipcp yes vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 open iface# cat /usr/local/etc/mpd/mpd.linksdlink: set link type modem set modem device /dev/cuaa1pptp: set link type pptp set pptp mode passive set pptp self 10.1.1.2 set pptp enable incoming set pptp disable originate set pptp disable windowingpptp2: set link type pptp set pptp self 10.1.1.2 set pptp enable incoming set pptp disable windowingpptp3: set link type pptp set pptp self 10.1.1.2 set pptp enable incoming
  • 3. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) set pptp disable originate set pptp disable windowing………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>………# cat /usr/local/etc/mpd/mpd.secretuser1 pass1 172.16.1.2user2 pass2 172.16.1.3user3 pass3 172.16.1.4user4 pass4 172.16.1.5………<dst>………Untuk melihat siapa saja yg sedang login ke VPN server, bisa dilakukan dengan :# ifconfig | grep 172.16 | grep –n 172.16Setting yg digunakan jika MPD akan digunakan sbg dialer (client) :# cat /usr/local/etc/mpd/mpd.confsisfo:new -i ng0 sis sisset iface disable on-demandset iface idle 0set auth authname "root"set auth password "sengajadisalahin"set link no papset link mtu 1460openvpn:new -i ng1 vpn vpnset iface disable on-demandset iface idle 0set bundle disable multilinkset auth authname "sisfo"set auth password "passwordsisfo"set link yes acfcomp protocompset link no papset link yes chapset link disable pap chap chap-msv1 chap-msv2 chap-md5set link mtu 1460set link keep-alive 10 75set ipcp yes vjcompset ccp yes mppcset ccp yes mpp-e40set ccp yes mpp-e128set bundle enable crypt-reqdset ccp yes mpp-statelessopen# cat /usr/local/etc/mpd/mpd.linksvpn:set link type pptpset link mtu 1200set link mru 1200set pptp peer 10.1.1.2set pptp enable originatesis:set link type pptpset link mtu 1400set link mru 1400set pptp peer 10.1.1.2set pptp enable originate
  • 4. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id)MPD5 menyediakan koneksi secara dinamis, dimana kita tidak perlu membuatkonfigurasi untuk setiap koneksi (pada MPD3, jika kita ingin mengakomodasi 250user yang bisa konek, maka kita harus membuat 250 konfigurasi pptp).Untuk menggunakan MPD5 :# cd /usr/ports/net/mpd5# make install clean……… <tunggu sampai selesai> ………$ cat /usr/local/etc/mpd5/mpd.confstartup: set user root password admin set console self 127.0.0.1 5005 set console opendefault: load pptp_serverpptp_server: set ippool add pool1 10.1.1.51 10.1.1.60  menyediakan 10 PPTP create bundle template B set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set ipcp yes vjcomp set ipcp ranges 10.1.1.1/32 ippool pool1 set ipcp dns 10.1.1.12 set bundle enable compression set ccp yes mppc set mppc yes e40 set mppc yes e128 set mppc yes stateless create link template L pptp set link action bundle B set link enable multilink set link yes acfcomp protocomp set link no pap chap eap set link enable chap set link keep-alive 10 60 set link mtu 1460 set pptp self 10.1.1.2 set link enable incoming$ cat /usr/local/etc/mpd5/mpd.secretuser1 "pass1" 10.1.10.10