Shrew VPN in openSUSE

There is an instruction page of VPN for Linux on Knowledge Base of IT service of the University of Manchester. But the client software cannot be compiled correctly in openSUSE 13.2. So I chose to install the alternative Shrew client software. It’s not easy, too. Here is my installing record.

Shrew is a VPN client software. For openSUSE, it can be installed by 1 Click Install:

  1. Open Package Search for openSUSE,
  2. Type “ike” and search,
  3. The first package named “ike” should be commented as “The Shrew Soft VPN Client“.

This is the package we should use. Here is the brief description:

The Shrew Soft VPN Client for Unix is a free IPsec Client for FreeBSD, NetBSD and Linux based operating systems. It was originally developed to provide secure communications between mobile Windows hosts and open source VPN gateways that utilize standards compliant software such as ipsec-tools, OpenSWAN, FreeSWAN, StrongSWAN, isakmpd. It now offers many of the advanced features only found in expensive commercial software solutions and provides compatibility for VPN appliances produced by vendors such as Cisco, Juniper, Checkpoint, Fortinet, Netgear, Linksys, Zywall and many others. It supports most of the features availalble in the Windows VPN Client version with the exception of those which are not cross platform compatible.

Choose a favorite openSUSE version and click to expand the sub-section. If it shows “Show unstable packages“, that means that no stable version ike for the chosen openSUSE version  is available at this moment.

I chose to use the unstable version on openSUSE Tumbleweed, which worked for me.

After clicking the “Show unstable packages”, a “1 Click Install” link shows up. It can be opened by YaST2, or saved as an ike.ymp file by right clicking and choosing “save as …” then opened by YaST2. Follow the instruction and finish the installation.

Check system settings first. Using a text editor to edit (as root) /etc/sysctl.conf, change to as following lines or add them,

net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0

Open a terminal and input,

# iked

If you want to run Shrew in the backend. If autostart on boot is required, keep input as following,

# systemctl enable /usr/sbin/iked
# systemctl start iked
ii : created ike socket 0.0.0.0:500
ii : created natt socket 0.0.0.0:4500
## : IKE Daemon, ver 2.2.1
## : Copyright 2013 Shrew Soft Inc.
## : This product linked OpenSSL 1.0.1k-fips 8 Jan 2015

Now, Shrew should be running in backend.

Then, use following command,

qikea

to open the GUI window of Shrew to import vpn profile and connect to vpn server.

Or,

qikec

if command line is preferred.

Now, university ID and password can be used to login VPN.

Further instructions about using Shrew can be found here.©

本文发表于水景一页。永久链接:<https://cnzhx.net/blog/shrew-vpn-in-opensuse/>。转载请保留此信息及相应链接。

5 条关于 “Shrew VPN in openSUSE” 的评论

  1. 引用通告: openSUSE Tumbleweed 初始配置记录 | 水景一页

雁过留声,人过留名

您的电子邮箱地址不会被公开。 必填项已用 * 标注

特别提示:与当前文章主题无关的讨论相关但需要较多讨论求助信息请发布到水景一页讨论区的相应版块,谢谢您的理解与合作!请参考本站互助指南
您可以在评论中使用如下的 HTML 标记来辅助表达: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>