5.17. 客户端：启动连接 (Client: Bring up the connection)

现在我们将尝试实际连接到 VPN 服务器。首先，我们需要建立一个单独的连接来设置 ssh known_hosts 文件。运行这个 (Now we'll try to actually make the connection to the VPN server. First we'll need to make a single connection to set up the ssh known_hosts file. Run this)

# ssh vpn.mycompany.com

当询问您是否要继续连接时，回答 “yes”。服务器会告诉您 “permission denied”，但这没关系。重要的是，您在连接脚本中使用与服务器相同的名称。现在运行以下行。您显然需要更改选项以适应您的设置。(Answer "yes" when it asks you if you want to continue connecting. The server will tell you "permission denied", but that's okay. It's important that you use the same name for the server that you are using in your connection scripts. Now run the following lines. You will obviously need to change the options to suit your setup.)

# /usr/sbin/pty-redir /usr/bin/ssh -t -e none -o 'Batchmode yes' -c blowfish -i /root/.ssh/identity.vpn -l vpn-user vpn.mycompany.com > /tmp/vpn-device

	(now wait about 10 seconds)

# /usr/sbin/pppd `cat /tmp/vpn-device` 192.168.10.254:192.168.40.254

注意在 pppd 行上指定的 IP 地址。第一个是隧道客户端的地址。第二个是隧道服务器端的地址，它被设置为服务器的内部地址。如果一切似乎都正常工作，请继续。如果不是，请检查您是否拥有所有选项，以及它们的拼写是否正确。如果仍然出现问题，请查看 第 6.1 章节。( Note the IP addresses specified on the pppd line. The first is the address of the client end of the tunnel. The second is the address of the server end of the tunnel, which is set to the server's internal address. If all of that seemed to work, move on. If not, check that you have all of the options, and that they are spelled right. If something is still going wrong, check Section 6.1.)