树莓派在长期开启情况下依旧能保持低功耗. 我们可以将其设置为一台VPN服务器, 通过它上网. 下面将会一步一步的介绍如何配置及连接.
sudo modprobe ppp-compress-18
如果不出现任何错误, 代表这个内核没问题. 顺便说一下, 你可以通过SSH或者VNC来远程操作树莓派.
接下来安装PPTP服务. 我用的是基于debian的发行版, 所以我执行以下命令来安装:
sudo apt-get install pptpd
下面要修改'etc/pptpd.conf'文件, 如果你用了X, 就可以用图形界面本文编辑器. 要不然就在命令行下用VI. 本文是针对初学者的教程, 我不会详述如何使用VI. 如果你在用LXDE, 打开一个 root 终端然后执行
If you prefer working in the terminal use the following. This is what I will use for the remainder of the tutorial, but you can use whatever text editor you like.
sudo vi /etc/pptpd.conf
At the end of the file, add (or uncomment if it already exists) the following lines
localip 192.168.0.1 remoteip 192.168.1.234-238,192.168.1.245
Be sure to replace this information with what you actually need. LocalIP is the internal IP of your raspberry pi, and the Remote IP range are the addresses that will be handed out to clients.
Now, edit the ‘/etc/ppp/pptpd-options’ file.
sudo vi /etc/ppp/pptpd-options
Append the following directives to the end of the file:
ms-dns 192.168.1.1 nobsdcomp noipx mtu 1490 mru 1490
Where the IP used for the ms-dns directive is the DNS server for the local network to which your client will be connecting (quite possibly the IP address of your router).
Next, edit the ‘/etc/ppp/chap-secrets’ files. This is where you will place your credentials for logging into the VPN server.
sudo vi /etc/ppp/chap-secrets
Add your authentication credentials in the following form:
You should probably use a very strong password for authentication.
Restart the PPTP daemon by executing the following command:
sudo service pptpd restart
Now, enable forwarding if you wish to have access to your entire home network while away. Edit the ‘sysctl’ file.
sudo vi /etc/sysctl.conf
Find “net.ipv4.ip_forward=1" and uncomment it (or change =0 to =1) to enable forwarding. Now, execute the following command to apply changes:
sudo sysctl -p
We’re all set on the server side. Everything should persist upon restart, so no worries there. Now, let’s configure our router.
We must forward TCP port 1723 on the router to the IP Address of the Raspberry Pi. You can visit Port Forward for step-by-step instructions for setting this up with your particular router. While you’re at it, you may want to set up a static IP address for your Raspberry Pi’s MAC address in your router’s DHCP configuration settings. This way, your local IP address (the one to which you’re forwarding the port) doesn’t change.
You may be wondering how you’re going to connect to this thing? Your public IP address is probably not static. We’ll set up dynamic DNS on our Pi, so we can refer to our VPN server by hostname. First, go to dnsdynamic.org and register. Validate your email address, and add a domain. Go ahead and save the new domain with the IP address that appears by default. This tutorial will use ‘[domain].dnsdynamic.com’ so when you see this notation, just replace it with the domain you’ve selected.
Now, we’re back on our raspberry pi. Open a root terminal and type
sudo apt-get install ddclient
An installation dialogue should appear.
When asked to select a Dynamic DNS service provider, choose “Other."
It should ask for the name of the service provider. Enter “www.dnsdynamic.org"
On the next screen, select the “dyndns2" protocol.
Now, enter the username (email address) and password you used when you registered at dnsdynamic.org
It, now, asks which network interface to use. If you are using the ethernet port on your Pi, enter “eth0". If you have setup a usb wifi interface adapter, you may enter “wlan0"
Next, enter the domain you registered: "[domain].dnsdynamic.com"
Now, wait for the installation to complete. If you’re behind a router, ddclient will incorrectly associate your internal IP address with your dynamic DNS domain. You can verify this by going to dnsdynamic.org , log in, click manage, and edit your existing domain. Let’s fix that.
sudo vi /etc/ddclient.conf
Find the line “use=if, if=eth0" and comment it (add a # in front).
Add the line “use=web, web=checkip.dyndns.org"
Save and quit
sudo service ddclient restart
Now, when you go to dnsdynamic.org and go to manage and edit your existing domain, you should see your public IP address, now.
We’re all finished on the server side. Now, let’s configure our clients.
In the Network and Sharing Center, set up a new connection.
Connect to workplace
Use my Internet Connection (VPN)
Internet Address: "[domain].dnsdynamic.com"
Destionation Name: “Raspberry Pi" (or whatever you want to call your VPN server)
Enter Username and Password (from chap-secrets file on raspberry pi!)
If the connection fails, set up this connection anyway and proceed to next step
Back in Network and Sharing Center, click Change Adapter Settings
Find connection we just created, right click, Properties
Security tab: Set type to “PPTP"
Advanced tab: Click IP4V, Click Properties
In the new window, click Advanced
Here you have two options:
If you wish to access resources or services on your home network, but wish to connect to the internet on your existing connection, then uncheck “Use default gateway on remote network." This will establish a split-tunnel connection.
If you wish to pass all traffic through the VPN, leave the box checked. Your browsing may be slower, but your traffic will appear from your home IP address.
Ok. You should now be able to connect
Your instructions may differ slightly depending on android version.
Go to Settings
Under Wireless & Networks, select More…
Name: “Raspberry Pi" (or whatever you want to call your VPN server)
Server Address: "[domain].dnsdynamic.com"
Select Connection you just created
Enter Username and Password (from chap-secrets file on server!)
You should now be connected to your VPN server.
搞定收工! 我们已经在树莓派上搭好了一个VPN服务器. 不过要注意PPTP的安全性不如openVPN, 但是在树莓派上配置使用却要简单许多 :)