ubuntu-strongswan

发表于 更新于 分类于 Waline:

vpn选型

  • openvpn: mac需要单独安装客户端,虽然以前安装过,暂时不考虑
  • strongswan:不需要客户端,但是放在容器不知道为啥通过127.0.0.1连不上
  • algo:
  • SoftEther:
  • Streisand:
  • WireGuard:

strongswan安装(mac不能连接)

1
2
3
4
5
6
7
8
9
10
11
12
13
14

# ipsec version
Linux Libreswan 4.7 (XFRM) on 5.10.104-linuxkit

# sysctl net.ipv4.ip_forward=1
# sysctl net.ipv6.conf.all.forwarding=1
# sysctl net.ipv4.conf.all.accept_redirects=0
# sysctl net.ipv4.conf.all.send_redirects=0

# SHARED_SECRET="123$(openssl rand -base64 32 2>/dev/null)"
# echo ": PSK \"${SHARED_SECRET}\"" > /etc/ipsec.secrets

# /usr/sbin/ipsec start --nofork

dockerfile源码

错误:mac vpn 连接 发生意外错误 49: Can’t assign requested address

解决: 没找到解决方案,放弃

1
2
3
4
5
6
7
8
9
10
docker run -d --name snx-vpn --cap-add=ALL \
 -p 500:500/udp \
 -p 4500:4500/udp \
 -p 1701:1701/tcp \
 -p 1194:1194/udp \
 -p 5555:5555/tcp \
 -e PSK="1238AwC0L+TIvFTtB2ZKJ+RjWsrQk7qCPrE4JlwXhJaNts=" \
 -e USERNAME=admin \
 -e PASSWORD=admin123456 \
 siomiz/softethervpn

参考

How to Install and Configure strongSwan VPN on Ubuntu 18.04

gaomd/docker-ikev2-vpn-server

strongSwan文档

如何快速搭建VPN,六款VPN服务器上最好的自由和开源工具,轻松搭建个人VPN