終於在小瓦安裝Centos 7 64加 IKEV2成功,還沒有嘗試翻牆。 一年才HK¥154。不在家的時間用。
主要步驟是跟以下鏈接。
http://mobile.[url]www.cnblogs.com/vegaoqiang/articles/6049785.html[/url]
创建证书用以上鏈接比較麻煩用了以下的鏈接
http://songchenwen.com/tech/2014/10/13/cross-fire-wall-on-ios8/
mkdir /usr/local/etc/mykey && cd /usr/local/etc/mykey
Server certification
$ wget https://gist.githubusercontent.c ... 8ede7/server_key.sh
$ sh server_key.sh Public IP address
Client certification
wget https://gist.githubusercontent.c ... a253d/client_key.sh
sh client_key.sh youruserid your_email@gmail.com
Server certification 拷貝到IpSEC directory
sudo cp cacerts/strongswanCert.pem /usr/local/etc/ipsec.d/cacerts/ca.cert.pem
sudo cp certs/vpnHostCert.pem /usr/local/etc/ipsec.d/certs/server.cert.pem
sudo cp private/vpnHostKey.pem /usr/local/etc/ipsec.d/private/server.pem
Client certification 拷貝到 PC, 然後貼上P12同Strongswancert.pem發電郵給自己。
SCP certificate to download and copy to ipad and android
Cd /usr/local/etc/mykey
*.p12 & cacerts/strongswancert.pem
從第五步繼續。
不要Config iptables/Firewalld
將iptables 關閉 iptables -F
將Firewalld 關閉 systemctl stop Firewalld
啟動IPSEC ipsec start
測試。
測試成功才 自動啟動IPSEC
systemctl start strongswan
systemctl enable strongswan
繼續步驟9.2 firewalld Setup
還沒有測試 翻牆,有沒有特別的配置?
還沒有測試 TCPSpeed 等加速,那個好一點? |
發表於 2017-2-10 17:58
| 
