SlideShare ist ein Scribd-Unternehmen logo

FreeBSD VPN Server

Telkom Institute of Management
Telkom Institute of Management

a tutorial guide explaining how to install FreeBSD as a VPN server, an experience at IMTelkom (http://www.imtelkom.ac.id)

BildungTechnologie
1 von 4
Downloaden Sie, um offline zu lesen
Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) Instalasi VPN Server : MPD MPD (Multi Protocol Daemon) adalah aplikasi untuk VPN server yang bisa mengakomodasi Microsoft Dial Up (PPTP, Point to Point Tunelling Protocol) sehingga user yang menggunakan platform Microsoft Windows bisa membuat VPN Dial Up dan terkoneksi secara virtual dengan suatu LAN intranet. Instalasi MPD dilakukan dengan : # cd /usr/ports/net/mpd # make install clean ……… <tunggu sampai selesai> ……… MPD membutuhkan 3 file konfigurasi yg ada di /usr/local/etc/mpd : # ls -l /usr/local/etc/mpd total 198 -rw------- 1 root wheel 27131 Jun 28 15:30 mpd.conf -rw------- 1 root wheel 29354 Jun 28 15:24 mpd.links -rw------- 1 root wheel 82641 Jun 28 15:24 mpd.secret # cat /usr/local/etc/mpd/mpd.conf default: load pptp2 load pptp3 ………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>……… dialin: new -i ng1 dialin dlink set iface addrs 172.16.3.1 172.16.3.2 set iface idle 900 set ipcp ranges 172.16.3.1/32 172.16.3.2/32 set ipcp dns 202.134.2.5  sesuaikan dengan IP DNS Server yg akan di-assign ke semua client set ipcp yes vjcomp set link enable chap pap set link disable pap set link deny chap pap set link yes acfcomp protocomp set modem idle-script AnswerCall set modem speed 57600 pptp: set iface disable on-demand set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp dns 202.134.2.5  sesuaikan dengan IP DNS Server yg akan di-assign ke semua client set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e56 set ccp yes mpp-e128 set ccp yes mpp-stateless set ecp yes des pptp2: new -i ng2 pptp2 pptp2 load pptp
Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) set ipcp ranges 172.16.1.1/32 172.16.2.2/16 pptp3: new -i ng3 pptp3 pptp3 load pptp set ipcp ranges 172.16.1.1/32 172.16.2.3/16 ………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>……… vpn: new -i ng1 vpn vpn set iface disable on-demand set iface addrs 192.168.1.1 192.168.2.1 set iface idle 0 set iface route 192.168.2.0/24 set bundle disable multilink set bundle authname "VpnLogin" set bundle password "VpnPassword" set link yes acfcomp protocomp set link no pap set link yes chap set link keep-alive 10 75 set ipcp yes vjcomp set ipcp ranges 192.168.1.1/32 192.168.2.1/32 open PPPoE: new -i ng0 PPPoE PPPoE set iface addrs 1.1.1.1 2.2.2.2 set iface route default set iface disable on-demand set iface idle 0 set bundle disable multilink set bundle authname MyLogin set link no acfcomp protocomp set link disable pap chap set link accept chap set ipcp yes vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 open iface # cat /usr/local/etc/mpd/mpd.links dlink: set link type modem set modem device /dev/cuaa1 pptp: set link type pptp set pptp mode passive set pptp self 10.1.1.2 set pptp enable incoming set pptp disable originate set pptp disable windowing pptp2: set link type pptp set pptp self 10.1.1.2 set pptp enable incoming set pptp disable windowing pptp3: set link type pptp set pptp self 10.1.1.2 set pptp enable incoming
Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) set pptp disable originate set pptp disable windowing ………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>……… # cat /usr/local/etc/mpd/mpd.secret user1 pass1 172.16.1.2 user2 pass2 172.16.1.3 user3 pass3 172.16.1.4 user4 pass4 172.16.1.5 ………<dst>……… Untuk melihat siapa saja yg sedang login ke VPN server, bisa dilakukan dengan : # ifconfig | grep 172.16 | grep –n 172.16 Setting yg digunakan jika MPD akan digunakan sbg dialer (client) : # cat /usr/local/etc/mpd/mpd.conf sisfo: new -i ng0 sis sis set iface disable on-demand set iface idle 0 set auth authname "root" set auth password "sengajadisalahin" set link no pap set link mtu 1460 open vpn: new -i ng1 vpn vpn set iface disable on-demand set iface idle 0 set bundle disable multilink set auth authname "sisfo" set auth password "passwordsisfo" set link yes acfcomp protocomp set link no pap set link yes chap set link disable pap chap chap-msv1 chap-msv2 chap-md5 set link mtu 1460 set link keep-alive 10 75 set ipcp yes vjcomp set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set bundle enable crypt-reqd set ccp yes mpp-stateless open # cat /usr/local/etc/mpd/mpd.links vpn: set link type pptp set link mtu 1200 set link mru 1200 set pptp peer 10.1.1.2 set pptp enable originate sis: set link type pptp set link mtu 1400 set link mru 1400 set pptp peer 10.1.1.2 set pptp enable originate
Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) MPD5 menyediakan koneksi secara dinamis, dimana kita tidak perlu membuat konfigurasi untuk setiap koneksi (pada MPD3, jika kita ingin mengakomodasi 250 user yang bisa konek, maka kita harus membuat 250 konfigurasi pptp). Untuk menggunakan MPD5 : # cd /usr/ports/net/mpd5 # make install clean ……… <tunggu sampai selesai> ……… $ cat /usr/local/etc/mpd5/mpd.conf startup: set user root password admin set console self 127.0.0.1 5005 set console open default: load pptp_server pptp_server: set ippool add pool1 10.1.1.51 10.1.1.60  menyediakan 10 PPTP create bundle template B set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set ipcp yes vjcomp set ipcp ranges 10.1.1.1/32 ippool pool1 set ipcp dns 10.1.1.12 set bundle enable compression set ccp yes mppc set mppc yes e40 set mppc yes e128 set mppc yes stateless create link template L pptp set link action bundle B set link enable multilink set link yes acfcomp protocomp set link no pap chap eap set link enable chap set link keep-alive 10 60 set link mtu 1460 set pptp self 10.1.1.2 set link enable incoming $ cat /usr/local/etc/mpd5/mpd.secret user1 "pass1" 10.1.10.10

Empfohlen

Iptables
IptablesIptables
Iptablesleminhvuong
 
TCP Intercept
TCP InterceptTCP Intercept
TCP InterceptNetwax Lab
 
Fail2ban
Fail2banFail2ban
Fail2banRuslan Conk
 
Dhcp
DhcpDhcp
DhcpMd Shihab
 
Iptables fundamentals
Iptables fundamentalsIptables fundamentals
Iptables fundamentalsram_b17
 
libpcap
libpcaplibpcap
libpcapmohan43u
 
Introduction to firewalls through Iptables
Introduction to firewalls through IptablesIntroduction to firewalls through Iptables
Introduction to firewalls through IptablesBud Siddhisena
 
Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdumpLev Walkin
 

Empfohlen

Iptables
IptablesIptables
Iptablesleminhvuong
 
TCP Intercept
TCP InterceptTCP Intercept
TCP InterceptNetwax Lab
 
Fail2ban
Fail2banFail2ban
Fail2banRuslan Conk
 
Dhcp
DhcpDhcp
DhcpMd Shihab
 
Iptables fundamentals
Iptables fundamentalsIptables fundamentals
Iptables fundamentalsram_b17
 
libpcap
libpcaplibpcap
libpcapmohan43u
 
Introduction to firewalls through Iptables
Introduction to firewalls through IptablesIntroduction to firewalls through Iptables
Introduction to firewalls through IptablesBud Siddhisena
 
Introduction to tcpdump
Introduction to tcpdumpIntroduction to tcpdump
Introduction to tcpdumpLev Walkin
 
How to use mmdvm host wif main board
How to use mmdvm host wif main boardHow to use mmdvm host wif main board
How to use mmdvm host wif main boardAURELIO PY5BK
 
In depth understanding network security
In depth understanding network securityIn depth understanding network security
In depth understanding network securityThanawan Tuamyim
 
Tcpdump
TcpdumpTcpdump
TcpdumpMohamed Gamel
 
Openvpn
OpenvpnOpenvpn
Openvpnmato2012
 
Pound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de CargaPound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de Cargagsroma
 
Linux internet server security and configuration tutorial
Linux internet server security and configuration tutorialLinux internet server security and configuration tutorial
Linux internet server security and configuration tutorialannik147
 
Kickstart
KickstartKickstart
KickstartDhananjayan Ezhumalai
 
Huawei cisco command conversion
Huawei cisco command conversionHuawei cisco command conversion
Huawei cisco command conversionjames Omara
 
7. protocols
7. protocols7. protocols
7. protocolsMarian Marinov
 
7.protocols 2
7.protocols 27.protocols 2
7.protocols 2Marian Marinov
 
Firewalld LAB
Firewalld LABFirewalld LAB
Firewalld LABKaan Aslandağ
 
Comandos cisco x huawei
Comandos cisco x huaweiComandos cisco x huawei
Comandos cisco x huaweiandre gomes
 
Tcpdump
TcpdumpTcpdump
TcpdumpSourav Roy
 
Machinekit - Current Status of Machinetalk
Machinekit - Current Status of MachinetalkMachinekit - Current Status of Machinetalk
Machinekit - Current Status of MachinetalkAlexander Rössler
 
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networksPLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networksPROIDEA
 
RTSP Analysis Wireshark
RTSP Analysis WiresharkRTSP Analysis Wireshark
RTSP Analysis WiresharkYoss Cohen
 
Copy of a simple tcp spoofing attack
Copy of a simple tcp spoofing attackCopy of a simple tcp spoofing attack
Copy of a simple tcp spoofing attackVishal Gurujuwada
 
Configuration Firewalld On CentOS 8
Configuration Firewalld On CentOS 8Configuration Firewalld On CentOS 8
Configuration Firewalld On CentOS 8Kaan Aslandağ
 
Debugging Ruby
Debugging RubyDebugging Ruby
Debugging RubyAman Gupta
 
Debugging Ruby Systems
Debugging Ruby SystemsDebugging Ruby Systems
Debugging Ruby SystemsEngine Yard
 
AT Rapier Usecase Document
AT Rapier Usecase DocumentAT Rapier Usecase Document
AT Rapier Usecase DocumentTelkom Institute of Management
 
SAMP (Solaris, Apache, MySQL, PHP)
SAMP (Solaris, Apache, MySQL, PHP)SAMP (Solaris, Apache, MySQL, PHP)
SAMP (Solaris, Apache, MySQL, PHP)Telkom Institute of Management
 

Weitere ähnliche Inhalte

Was ist angesagt?

How to use mmdvm host wif main board
How to use mmdvm host wif main boardHow to use mmdvm host wif main board
How to use mmdvm host wif main boardAURELIO PY5BK
 
In depth understanding network security
In depth understanding network securityIn depth understanding network security
In depth understanding network securityThanawan Tuamyim
 
Pound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de CargaPound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de Cargagsroma
 
Linux internet server security and configuration tutorial
Linux internet server security and configuration tutorialLinux internet server security and configuration tutorial
Linux internet server security and configuration tutorialannik147
 
Huawei cisco command conversion
Huawei cisco command conversionHuawei cisco command conversion
Huawei cisco command conversionjames Omara
 
Comandos cisco x huawei
Comandos cisco x huaweiComandos cisco x huawei
Comandos cisco x huaweiandre gomes
 
Machinekit - Current Status of Machinetalk
Machinekit - Current Status of MachinetalkMachinekit - Current Status of Machinetalk
Machinekit - Current Status of MachinetalkAlexander Rössler
 
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networksPLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networksPROIDEA
 
RTSP Analysis Wireshark
RTSP Analysis WiresharkRTSP Analysis Wireshark
RTSP Analysis WiresharkYoss Cohen
 
Copy of a simple tcp spoofing attack
Copy of a simple tcp spoofing attackCopy of a simple tcp spoofing attack
Copy of a simple tcp spoofing attackVishal Gurujuwada
 
Configuration Firewalld On CentOS 8
Configuration Firewalld On CentOS 8Configuration Firewalld On CentOS 8
Configuration Firewalld On CentOS 8Kaan Aslandağ
 
Debugging Ruby
Debugging RubyDebugging Ruby
Debugging RubyAman Gupta
 
Debugging Ruby Systems
Debugging Ruby SystemsDebugging Ruby Systems
Debugging Ruby SystemsEngine Yard
 

Was ist angesagt? (20)

How to use mmdvm host wif main board
How to use mmdvm host wif main boardHow to use mmdvm host wif main board
How to use mmdvm host wif main board
 
In depth understanding network security
In depth understanding network securityIn depth understanding network security
In depth understanding network security
 
Tcpdump
TcpdumpTcpdump
Tcpdump
 
Openvpn
OpenvpnOpenvpn
Openvpn
 
Pound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de CargaPound & Varnish - Cache e Balanceamento de Carga
Pound & Varnish - Cache e Balanceamento de Carga
 
Linux internet server security and configuration tutorial
Linux internet server security and configuration tutorialLinux internet server security and configuration tutorial
Linux internet server security and configuration tutorial
 
Kickstart
KickstartKickstart
Kickstart
 
Huawei cisco command conversion
Huawei cisco command conversionHuawei cisco command conversion
Huawei cisco command conversion
 
7. protocols
7. protocols7. protocols
7. protocols
 
7.protocols 2
7.protocols 27.protocols 2
7.protocols 2
 
Firewalld LAB
Firewalld LABFirewalld LAB
Firewalld LAB
 
Comandos cisco x huawei
Comandos cisco x huaweiComandos cisco x huawei
Comandos cisco x huawei
 
Tcpdump
TcpdumpTcpdump
Tcpdump
 
Machinekit - Current Status of Machinetalk
Machinekit - Current Status of MachinetalkMachinekit - Current Status of Machinetalk
Machinekit - Current Status of Machinetalk
 
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networksPLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
PLNOG 13: Piotr Głaska: Quality of service monitoring in IP networks
 
RTSP Analysis Wireshark
RTSP Analysis WiresharkRTSP Analysis Wireshark
RTSP Analysis Wireshark
 
Copy of a simple tcp spoofing attack
Copy of a simple tcp spoofing attackCopy of a simple tcp spoofing attack
Copy of a simple tcp spoofing attack
 
Configuration Firewalld On CentOS 8
Configuration Firewalld On CentOS 8Configuration Firewalld On CentOS 8
Configuration Firewalld On CentOS 8
 
Debugging Ruby
Debugging RubyDebugging Ruby
Debugging Ruby
 
Debugging Ruby Systems
Debugging Ruby SystemsDebugging Ruby Systems
Debugging Ruby Systems
 

Andere mochten auch

Andere mochten auch (8)

AT Rapier Usecase Document
AT Rapier Usecase DocumentAT Rapier Usecase Document
AT Rapier Usecase Document
 
SAMP (Solaris, Apache, MySQL, PHP)
SAMP (Solaris, Apache, MySQL, PHP)SAMP (Solaris, Apache, MySQL, PHP)
SAMP (Solaris, Apache, MySQL, PHP)
 
Oracle VirtualBox
Oracle VirtualBoxOracle VirtualBox
Oracle VirtualBox
 
FreeBSD Proxy Server
FreeBSD Proxy ServerFreeBSD Proxy Server
FreeBSD Proxy Server
 
FreeBSD Installation
FreeBSD InstallationFreeBSD Installation
FreeBSD Installation
 
FreeBSD Traffic Monitoring
FreeBSD Traffic MonitoringFreeBSD Traffic Monitoring
FreeBSD Traffic Monitoring
 
Oracle on Solaris
Oracle on SolarisOracle on Solaris
Oracle on Solaris
 
Building a Secure Web Application
Building a Secure Web ApplicationBuilding a Secure Web Application
Building a Secure Web Application
 

Ähnlich wie FreeBSD VPN Server

[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network TroubleshootingOpen Source Consulting
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_trainingvideos
 
Npppd: easy vpn with OpenBSD
Npppd: easy vpn with OpenBSDNpppd: easy vpn with OpenBSD
Npppd: easy vpn with OpenBSDGiovanni Bechis
 
7 hands on
7 hands on7 hands on
7 hands onvideos
 
Linux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guideLinux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guidejasembo
 
Modul 3 Firewalll.ppt
Modul 3 Firewalll.pptModul 3 Firewalll.ppt
Modul 3 Firewalll.pptcemporku
 
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingClaudio Mignanti
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingWido den Hollander
 
VoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sampleVoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sampleFaisal Khan
 
How can you configure Wireshark to always recognize port 444 as an S.pdf
How can you configure Wireshark to always recognize port 444 as an S.pdfHow can you configure Wireshark to always recognize port 444 as an S.pdf
How can you configure Wireshark to always recognize port 444 as an S.pdfarkleatheray
 
Deep dive in container service discovery
Deep dive in container service discoveryDeep dive in container service discovery
Deep dive in container service discoveryDocker, Inc.
 
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018DevOpsDays Tel Aviv
 
Cisco data center support
Cisco data center supportCisco data center support
Cisco data center supportKrunal Shah
 
Configuration of SFTP Server on CentOS 8.pdf
Configuration of SFTP Server on CentOS 8.pdfConfiguration of SFTP Server on CentOS 8.pdf
Configuration of SFTP Server on CentOS 8.pdfKaan Aslandağ
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands OverviewMuhammed Niyas
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverTomaz Muraus
 
Stupid iptables tricks
Stupid iptables tricksStupid iptables tricks
Stupid iptables tricksJim MacLeod
 

Ähnlich wie FreeBSD VPN Server (20)

[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting
 
9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training9 creating cent_os 7_mages_for_dpdk_training
9 creating cent_os 7_mages_for_dpdk_training
 
Npppd: easy vpn with OpenBSD
Npppd: easy vpn with OpenBSDNpppd: easy vpn with OpenBSD
Npppd: easy vpn with OpenBSD
 
7 hands on
7 hands on7 hands on
7 hands on
 
Linux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guideLinux hpc-cluster-setup-guide
Linux hpc-cluster-setup-guide
 
Modul 3 Firewalll.ppt
Modul 3 Firewalll.pptModul 3 Firewalll.ppt
Modul 3 Firewalll.ppt
 
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
 
IPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic NetworkingIPv6 in CloudStack Basic Networking
IPv6 in CloudStack Basic Networking
 
VoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sampleVoiceBootcamp Ccnp collaboration lab guide v1.0 sample
VoiceBootcamp Ccnp collaboration lab guide v1.0 sample
 
How can you configure Wireshark to always recognize port 444 as an S.pdf
How can you configure Wireshark to always recognize port 444 as an S.pdfHow can you configure Wireshark to always recognize port 444 as an S.pdf
How can you configure Wireshark to always recognize port 444 as an S.pdf
 
Deep dive in container service discovery
Deep dive in container service discoveryDeep dive in container service discovery
Deep dive in container service discovery
 
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
Pcapy and dpkt - tcpdump on steroids - Ran Leibman - DevOpsDays Tel Aviv 2018
 
Cisco data center support
Cisco data center supportCisco data center support
Cisco data center support
 
Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140) Network Security Best Practice (BCP38 & 140)
Network Security Best Practice (BCP38 & 140)
 
Configuration of SFTP Server on CentOS 8.pdf
Configuration of SFTP Server on CentOS 8.pdfConfiguration of SFTP Server on CentOS 8.pdf
Configuration of SFTP Server on CentOS 8.pdf
 
Router Commands Overview
Router Commands OverviewRouter Commands Overview
Router Commands Overview
 
ACI MultiPod 구성
ACI MultiPod 구성ACI MultiPod 구성
ACI MultiPod 구성
 
FreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 serverFreeBSD, ipfw and OpenVPN 2.1 server
FreeBSD, ipfw and OpenVPN 2.1 server
 
Tunnel & vpn1
Tunnel & vpn1Tunnel & vpn1
Tunnel & vpn1
 
Stupid iptables tricks
Stupid iptables tricksStupid iptables tricks
Stupid iptables tricks
 

Mehr von Telkom Institute of Management

Mehr von Telkom Institute of Management (20)

FreeBSD Name Server
FreeBSD Name ServerFreeBSD Name Server
FreeBSD Name Server
 
FreeBSD web-based MUA
FreeBSD web-based MUAFreeBSD web-based MUA
FreeBSD web-based MUA
 
FreeBSD POP3/IMAP Server
FreeBSD POP3/IMAP ServerFreeBSD POP3/IMAP Server
FreeBSD POP3/IMAP Server
 
FreeBSD Securing Mail Server
FreeBSD Securing Mail ServerFreeBSD Securing Mail Server
FreeBSD Securing Mail Server
 
FreeBSD Mailing List
FreeBSD Mailing ListFreeBSD Mailing List
FreeBSD Mailing List
 
FreeBSD Mail Server
FreeBSD Mail ServerFreeBSD Mail Server
FreeBSD Mail Server
 
FreeBSD Log Analyzer
FreeBSD Log AnalyzerFreeBSD Log Analyzer
FreeBSD Log Analyzer
 
FreeBSD PHP
FreeBSD PHPFreeBSD PHP
FreeBSD PHP
 
FreeBSD Database Server
FreeBSD Database ServerFreeBSD Database Server
FreeBSD Database Server
 
FreeBSD Web Server
FreeBSD Web ServerFreeBSD Web Server
FreeBSD Web Server
 
FreeBSD Installation
FreeBSD InstallationFreeBSD Installation
FreeBSD Installation
 
FreeBSD FTP Server
FreeBSD FTP ServerFreeBSD FTP Server
FreeBSD FTP Server
 
FreeBSD Bandwidth Management
FreeBSD Bandwidth ManagementFreeBSD Bandwidth Management
FreeBSD Bandwidth Management
 
FreeBSD Firewall
FreeBSD FirewallFreeBSD Firewall
FreeBSD Firewall
 
FreeBSD Basic Setting
FreeBSD Basic SettingFreeBSD Basic Setting
FreeBSD Basic Setting
 
FreeBSD Installation
FreeBSD InstallationFreeBSD Installation
FreeBSD Installation
 
Resource Reservation Protocol
Resource Reservation ProtocolResource Reservation Protocol
Resource Reservation Protocol
 
How IT Change the Education Process
How IT Change the Education ProcessHow IT Change the Education Process
How IT Change the Education Process
 
New CRM Approach
New CRM ApproachNew CRM Approach
New CRM Approach
 
Multimedia Object - Video
Multimedia Object - VideoMultimedia Object - Video
Multimedia Object - Video
 

Kürzlich hochgeladen

Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersChitralekhaTherkar
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 

Kürzlich hochgeladen (20)

Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of Powders
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 

FreeBSD VPN Server

  • 1. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) Instalasi VPN Server : MPD MPD (Multi Protocol Daemon) adalah aplikasi untuk VPN server yang bisa mengakomodasi Microsoft Dial Up (PPTP, Point to Point Tunelling Protocol) sehingga user yang menggunakan platform Microsoft Windows bisa membuat VPN Dial Up dan terkoneksi secara virtual dengan suatu LAN intranet. Instalasi MPD dilakukan dengan : # cd /usr/ports/net/mpd # make install clean ……… <tunggu sampai selesai> ……… MPD membutuhkan 3 file konfigurasi yg ada di /usr/local/etc/mpd : # ls -l /usr/local/etc/mpd total 198 -rw------- 1 root wheel 27131 Jun 28 15:30 mpd.conf -rw------- 1 root wheel 29354 Jun 28 15:24 mpd.links -rw------- 1 root wheel 82641 Jun 28 15:24 mpd.secret # cat /usr/local/etc/mpd/mpd.conf default: load pptp2 load pptp3 ………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>……… dialin: new -i ng1 dialin dlink set iface addrs 172.16.3.1 172.16.3.2 set iface idle 900 set ipcp ranges 172.16.3.1/32 172.16.3.2/32 set ipcp dns 202.134.2.5  sesuaikan dengan IP DNS Server yg akan di-assign ke semua client set ipcp yes vjcomp set link enable chap pap set link disable pap set link deny chap pap set link yes acfcomp protocomp set modem idle-script AnswerCall set modem speed 57600 pptp: set iface disable on-demand set bundle disable multilink set link yes acfcomp protocomp set link no pap chap set link enable chap set link keep-alive 10 60 set ipcp yes vjcomp set ipcp dns 202.134.2.5  sesuaikan dengan IP DNS Server yg akan di-assign ke semua client set bundle enable compression set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e56 set ccp yes mpp-e128 set ccp yes mpp-stateless set ecp yes des pptp2: new -i ng2 pptp2 pptp2 load pptp
  • 2. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) set ipcp ranges 172.16.1.1/32 172.16.2.2/16 pptp3: new -i ng3 pptp3 pptp3 load pptp set ipcp ranges 172.16.1.1/32 172.16.2.3/16 ………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>……… vpn: new -i ng1 vpn vpn set iface disable on-demand set iface addrs 192.168.1.1 192.168.2.1 set iface idle 0 set iface route 192.168.2.0/24 set bundle disable multilink set bundle authname "VpnLogin" set bundle password "VpnPassword" set link yes acfcomp protocomp set link no pap set link yes chap set link keep-alive 10 75 set ipcp yes vjcomp set ipcp ranges 192.168.1.1/32 192.168.2.1/32 open PPPoE: new -i ng0 PPPoE PPPoE set iface addrs 1.1.1.1 2.2.2.2 set iface route default set iface disable on-demand set iface idle 0 set bundle disable multilink set bundle authname MyLogin set link no acfcomp protocomp set link disable pap chap set link accept chap set ipcp yes vjcomp set ipcp ranges 0.0.0.0/0 0.0.0.0/0 open iface # cat /usr/local/etc/mpd/mpd.links dlink: set link type modem set modem device /dev/cuaa1 pptp: set link type pptp set pptp mode passive set pptp self 10.1.1.2 set pptp enable incoming set pptp disable originate set pptp disable windowing pptp2: set link type pptp set pptp self 10.1.1.2 set pptp enable incoming set pptp disable windowing pptp3: set link type pptp set pptp self 10.1.1.2 set pptp enable incoming
  • 3. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) set pptp disable originate set pptp disable windowing ………<sesuaikan dengan jumlah account yg boleh connect dlm satu saat>……… # cat /usr/local/etc/mpd/mpd.secret user1 pass1 172.16.1.2 user2 pass2 172.16.1.3 user3 pass3 172.16.1.4 user4 pass4 172.16.1.5 ………<dst>……… Untuk melihat siapa saja yg sedang login ke VPN server, bisa dilakukan dengan : # ifconfig | grep 172.16 | grep –n 172.16 Setting yg digunakan jika MPD akan digunakan sbg dialer (client) : # cat /usr/local/etc/mpd/mpd.conf sisfo: new -i ng0 sis sis set iface disable on-demand set iface idle 0 set auth authname "root" set auth password "sengajadisalahin" set link no pap set link mtu 1460 open vpn: new -i ng1 vpn vpn set iface disable on-demand set iface idle 0 set bundle disable multilink set auth authname "sisfo" set auth password "passwordsisfo" set link yes acfcomp protocomp set link no pap set link yes chap set link disable pap chap chap-msv1 chap-msv2 chap-md5 set link mtu 1460 set link keep-alive 10 75 set ipcp yes vjcomp set ccp yes mppc set ccp yes mpp-e40 set ccp yes mpp-e128 set bundle enable crypt-reqd set ccp yes mpp-stateless open # cat /usr/local/etc/mpd/mpd.links vpn: set link type pptp set link mtu 1200 set link mru 1200 set pptp peer 10.1.1.2 set pptp enable originate sis: set link type pptp set link mtu 1400 set link mru 1400 set pptp peer 10.1.1.2 set pptp enable originate
  • 4. Standar Instalasi FreeBS D @ Institut Manajemen Telkom ( http://www.imtelkom.ac.id) MPD5 menyediakan koneksi secara dinamis, dimana kita tidak perlu membuat konfigurasi untuk setiap koneksi (pada MPD3, jika kita ingin mengakomodasi 250 user yang bisa konek, maka kita harus membuat 250 konfigurasi pptp). Untuk menggunakan MPD5 : # cd /usr/ports/net/mpd5 # make install clean ……… <tunggu sampai selesai> ……… $ cat /usr/local/etc/mpd5/mpd.conf startup: set user root password admin set console self 127.0.0.1 5005 set console open default: load pptp_server pptp_server: set ippool add pool1 10.1.1.51 10.1.1.60  menyediakan 10 PPTP create bundle template B set iface enable proxy-arp set iface idle 1800 set iface enable tcpmssfix set ipcp yes vjcomp set ipcp ranges 10.1.1.1/32 ippool pool1 set ipcp dns 10.1.1.12 set bundle enable compression set ccp yes mppc set mppc yes e40 set mppc yes e128 set mppc yes stateless create link template L pptp set link action bundle B set link enable multilink set link yes acfcomp protocomp set link no pap chap eap set link enable chap set link keep-alive 10 60 set link mtu 1460 set pptp self 10.1.1.2 set link enable incoming $ cat /usr/local/etc/mpd5/mpd.secret user1 "pass1" 10.1.10.10