Realizing LAN Remote Access in Linux

  

This paper introduces a method of constructing a dial-up server by using two serial ports of a Linux server. The remote user can connect to the local area network through dial-up to conveniently carry out information transmission and resource sharing.

The author's configuration environment is the Red Hat 8.0 Linux operating system. The required hardware includes two external modems (connected to the COM1 and COM2 ports respectively) and two telephone lines. The implementation steps are as follows:

1. Initialize the serial device

Add the following two lines to the /etc/inittab file to initialize the two serial devices ttyS0 and ttyS1:

S0:345:respawn:/sbin/mgetty -D -X 3 ttyS0

S1:345:respawn:/sbin/mgetty -D -X 3 ttyS1

Then run the “/sbin/init q” command to make the changes take effect.

2. Specify the authentication method

Create the file ppplogin in the /etc/ppp directory with the following contents:

#!/bin/sh

/usr/sbin/pppd auth -chap +pap login

This file specifies that the user logs in with PAP authentication. PAP and CHAP are two authentication protocols for PPP services.

After saving the file, set the permissions for the file:

# chmod a+x /etc/ppp/ppplogin

Then, in the /etc/mgetty+sendfax/login.config file, remove the comment marker in front of the “/AutoPPP/” line and change the line to the following:

/AutoPPP/ - - /etc/ppp/ppplogin

3. Modify the options file

Modify the /etc/ppp/options file so that it has the following content:

-detach

modem

lock

crtscts

asyncmap 0

netmask 255.255.255.0

proxyarp

ms-dns 192.168.11.1

The “-detach” option is very important. If you do not specify this option, pppd will go into the background, causing the shell script to exit, after which the serial line is hung up and the connection aborts. “-detach” prevents the tty device from leaving pppd's control.

The “modem” option allows pppd to monitor the DTR lead and observe whether the peer has dropped.

The “lock” option specifies UUCP-style locking on serial devices.

The “crtscts” option is used to turn on the hardware handshake.

The “asyncmap 0” option sets up an asynchronous character map. This map specifies which control characters cannot be sent directly over the connection and need to be escaped first.

The “netmask 255.255.255.0” option sets the network mask of the PPP network interface.

The “proxyarp” option turns on the ARP proxy feature.

“ms-dns 192.168.11.1” specifies the DNS server address in the LAN; if there is none, you can leave it unset.

4. Assign IP to dial-in users

Create the /etc/ppp/options.ttyS0 and /etc/ppp/options.ttyS1 files as follows:

# vi options.ttyS0

192.168.11.3:192.168.11.242

# vi options.ttyS1

192.168.11.3:192.168.11.243

Here, “192.168.11.3” is the IP address of the Linux machine used as the dial-up server, and “192.168.11.242” and “192.168.11.243” are the IP addresses of the users dialed into the COM1 port and COM2 port respectively.

5. Password Authentication

Edit the file /etc/ppp/pap-secrets as follows:

* * "secret" 192.168.11.242

* * "password" 192.168.11.243

As shown above, each line contains four columns representing the username, server address, password value, and IP address list. “*” indicates that it can match any content.
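An added example, not part of the original article: a small Python check that parses pap-secrets content in the four-column layout described above and reports wildcard clients, weak secrets and wildcard addresses. The length threshold, the weak-value list and the “alice” entry are assumptions made for this illustration.

```python
import shlex

# Assumed policy values for this example; they are not pppd defaults.
MIN_SECRET_LEN = 12
WEAK_SECRETS = {"secret", "password"}  # the sample values used in the article


def audit_pap_secrets(text):
    """Return a list of (line_number, message) findings for pap-secrets content."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        try:
            # shlex handles the quoted secret column and '#' comments.
            fields = shlex.split(raw, comments=True)
        except ValueError:
            findings.append((lineno, "unparseable line (unbalanced quote)"))
            continue
        if not fields:
            continue  # blank line or comment
        if len(fields) < 3:
            findings.append((lineno, "fewer than three columns"))
            continue
        client, secret, addrs = fields[0], fields[2], fields[3:]
        if client == "*":
            findings.append((lineno, "wildcard client: secret is not bound to one username"))
        # A secret starting with '@' refers to a file, so its content is not checked here.
        if not secret.startswith("@"):
            if secret.lower() in WEAK_SECRETS:
                findings.append((lineno, "secret is a well-known sample value"))
            elif len(secret) < MIN_SECRET_LEN:
                findings.append((lineno, f"secret shorter than {MIN_SECRET_LEN} characters"))
        if "*" in addrs:
            findings.append((lineno, "wildcard address: peer may use any IP"))
    return findings


# Constructed sample: the article's two entries plus one tighter, hypothetical entry.
SAMPLE = '''\
# client  server  secret  IP addresses
* * "secret" 192.168.11.242
* * "password" 192.168.11.243
alice * "Rk7vTq92LmXw4pZd" 192.168.11.242
'''

if __name__ == "__main__":
    for lineno, msg in audit_pap_secrets(SAMPLE):
        print(f"pap-secrets:{lineno}: {msg}")
```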

After dialing in, if you need to access other servers in the LAN, you must enable IP forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

To automatically disconnect after a period of idle time, you need to add the following line to /etc/ppp/options:

idle 600

In the line above, “600” means 600 seconds, which is 10 minutes.

If you can't find the /sbin/mgetty file and the /etc/mgetty+sendfax/login.config file in the appropriate directory, you need to install the mgetty package.

Copyright © Windows knowledge All Rights Reserved