There is an instruction page of VPN for Linux on Knowledge Base of IT service of the University of Manchester. But the client software cannot be compiled correctly in openSUSE 13.2. So I chose to install the alternative Shrew client software. It’s not easy, too. Here is my installing record.
Shrew is a VPN client software. For openSUSE, it can be installed by 1 Click Install:
- Open Package Search for openSUSE,
- Type “ike” and search,
- The first package named “ike” should be commented as “The Shrew Soft VPN Client“.
This is the package we should use. Here is the brief description:
The Shrew Soft VPN Client for Unix is a free IPsec Client for FreeBSD, NetBSD and Linux based operating systems. It was originally developed to provide secure communications between mobile Windows hosts and open source VPN gateways that utilize standards compliant software such as ipsec-tools, OpenSWAN, FreeSWAN, StrongSWAN, isakmpd. It now offers many of the advanced features only found in expensive commercial software solutions and provides compatibility for VPN appliances produced by vendors such as Cisco, Juniper, Checkpoint, Fortinet, Netgear, Linksys, Zywall and many others. It supports most of the features availalble in the Windows VPN Client version with the exception of those which are not cross platform compatible.
Choose a favorite openSUSE version and click to expand the sub-section. If it shows “Show unstable packages“, that means that no stable version ike for the chosen openSUSE version is available at this moment.
I chose to use the unstable version on openSUSE Tumbleweed, which worked for me.
After clicking the “Show unstable packages”, a “1 Click Install” link shows up. It can be opened by YaST2, or saved as an ike.ymp file by right clicking and choosing “save as …” then opened by YaST2. Follow the instruction and finish the installation.
Check system settings first. Using a text editor to edit (as root) /etc/sysctl.conf, change to as following lines or add them,
net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.all.rp_filter=0
Open a terminal and input,
# iked
If you want to run Shrew in the backend. If autostart on boot is required, keep input as following,
# systemctl enable /usr/sbin/iked # systemctl start iked ii : created ike socket 0.0.0.0:500 ii : created natt socket 0.0.0.0:4500 ## : IKE Daemon, ver 2.2.1 ## : Copyright 2013 Shrew Soft Inc. ## : This product linked OpenSSL 1.0.1k-fips 8 Jan 2015
Now, Shrew should be running in backend.
Then, use following command,
qikea
to open the GUI window of Shrew to import vpn profile and connect to vpn server.
Or,
qikec
if command line is preferred.
Now, university ID and password can be used to login VPN.
Further instructions about using Shrew can be found here.©
本文发表于水景一页。永久链接:<https://cnzhx.net/blog/shrew-vpn-in-opensuse/>。转载请保留此信息及相应链接。
这是vps搭建vpn的教程吗?
不是的,这个就是Linux中的一个VPN客户端,可以兼容Cisco的VPN软硬件。
安装没问题,能正常连接,但无法与VPN端的内网主机通信
ping 不通里面的主机,不知道是路由不对还是怎么地
很抱歉,这个情况我没什么思路,帮不上忙了。
引用通告: openSUSE Tumbleweed 初始配置记录 | 水景一页