{"id":6835,"date":"2022-04-22T14:07:37","date_gmt":"2022-04-22T21:07:37","guid":{"rendered":"https:\/\/www.xh86.me\/?p=6835"},"modified":"2022-04-22T14:07:37","modified_gmt":"2022-04-22T21:07:37","slug":"%e5%af%b9%e6%af%94%e5%8d%8e%e4%b8%89%e8%ae%be%e5%a4%87%e9%85%8d%e7%bd%ae%ef%bc%8c%e8%ae%b2%e8%a7%a3linux%e4%b8%bb%e6%9c%ba%e5%a6%82%e4%bd%95%e9%85%8d%e7%bd%aestrongswan","status":"publish","type":"post","link":"https:\/\/www.xh86.me\/?p=6835","title":{"rendered":"\u5bf9\u6bd4\u534e\u4e09\u8bbe\u5907\u914d\u7f6e\uff0c\u8bb2\u89e3Linux\u4e3b\u673a\u5982\u4f55\u914d\u7f6estrongSwan"},"content":{"rendered":"<div class=\"wxsyncmain\">\n<section>&nbsp;<\/p>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">strongSwan\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u57fa\u4e8eIPsec\u7684VPN\u89e3\u51b3\u65b9\u6848\uff0c\u6700\u8fd1\u8981\u7528\u5230strongSwan\u6765\u5bf9\u63a5\u5176\u4ed6\u7cfb\u7edf\u7684IPsec\uff0c\u4e0d\u80fd\u8d38\u7136\u884c\u52a8\uff0c\u5148\u5728Linux\u73af\u5883\u4e0b\u6d4b\u8bd5\u4e00\u4e0b\u76f8\u540c\u73af\u5883\u4e0b\u5982\u4f55\u914d\u7f6e\u3002<\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u901a\u8fc7\u6211\u4eec\u73b0\u5728\u5df2\u7ecf\u6709\u914d\u7f6estrongSwan\u7684\u73af\u5883\u4e86\uff0c\u5c31\u662f\u4e24\u53f0\u5f00\u542f\u4e86IP\u8f6c\u53d1\u529f\u80fd\u7684Linux\u4e3b\u673a\u3002<\/p>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-267f9da96c9690ff662897a3e679e64d.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-267f9da96c9690ff662897a3e679e64d.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.2573099415204678\" data-type=\"png\" data-w=\"684\" \/><\/div><\/p>\n<section>\n<section style=\"margin: 10px auto;\">\n<section style=\"display: flex; justify-content: center; align-items: center;\">\n<section style=\"width: 30px; transform: rotate(0deg);\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" style=\"width: 30px; display: block; height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.8431372549019608\" data-type=\"png\" data-w=\"51\" \/><\/div><\/section>\n<section style=\"flex: 1; padding: 0px 5px 2px; margin: 0px 5px; border-bottom: 1px solid #a6dff2; font-size: 16px; text-align: left; letter-spacing: 1.5px; color: #333;\"><span style=\"color: #3daad6;\"><strong>\u5b89\u88c5strongSwan<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">strongSwan\u7684\u5b89\u88c5\u8fd8\u662f\u5f88\u7b80\u5355\u7684\uff0c\u53ef\u4ee5\u76f4\u63a5\u4eceyum\u4ed3\u5e93\u5b89\u88c5\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<ul class=\"code-snippet__line-index code-snippet__js\">\n<li><\/li>\n<\/ul>\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">yum<\/span> install -y strongswan<\/span><\/code><\/pre>\n<\/section>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-7461b165fe35770770882d45112aecef.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-7461b165fe35770770882d45112aecef.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.8981481481481481\" data-type=\"png\" data-w=\"1080\" \/><\/div><\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u67e5\u770b\u4e00\u4e0bstrongSwan\u547d\u4ee4\uff0c\u8fd8\u662f\u5f88\u7b80\u5355\u7684\uff0c\u53ea\u6709\u4e3a\u6570\u4e0d\u591a\u7684\u547d\u4ee4\u3002<\/p>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-18ab7c70dfba3986bfa12e926f54f5f8.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-18ab7c70dfba3986bfa12e926f54f5f8.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.6563573883161512\" data-type=\"png\" data-w=\"582\" \/><\/div><\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u68c0\u67e5\u4e00\u4e0b\u8f6f\u4ef6\u7248\u672c\uff0c\u53ef\u4ee5\u770b\u5230\u4f7f\u7528yum\u5b89\u88c5\u7684\u7248\u672c\u4e3a5.7.3\uff0c\u800c\u5b98\u7f51\u6700\u65b0\u7248\u672c\u662f5.9.5\uff0c\u5e94\u8be5\u5dee\u522b\u4e0d\u5927\u5427\u3002<\/p>\n<p style=\"text-align: center; margin-bottom: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-f95777f201085bc81a24fdf452ae4b99.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-f95777f201085bc81a24fdf452ae4b99.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-galleryid=\"\" data-ratio=\"0.18322295805739514\" data-s=\"300,640\" data-type=\"png\" data-w=\"453\" \/><\/div><\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">strongSwan\u7684\u9ed8\u8ba4\u5b89\u88c5\u8def\u5f84\u662f\/etc\/strongswan\/\uff0c\u8fd9\u91cc\u9762\u6bd4\u8f83\u91cd\u8981\u7684\u5c31\u662fipsec.conf\u548cipsec.secrets\u8fd9\u4e24\u4e2a\u914d\u7f6e\u6587\u4ef6\u4e86\u3002\u8fd9\u4e24\u4e2a\u6587\u4ef6\u7684\u914d\u7f6e\u6307\u5bfc\u5df2\u7ecf\u8fc7\u4e86\uff0c\u6709\u9700\u8981\u7684\u5c0f\u4f19\u4f34\u53ef\u4ee5\u53c2\u8003\uff08<a href=\"http:\/\/mp.weixin.qq.com\/s?__biz=MzI4NjAzMTk3MA==&amp;mid=2458845187&amp;idx=1&amp;sn=38d82b7c665d10076b2c1ed0db9341b4&amp;chksm=fc98890ecbef0018f00790af6d8db5a6df152317667d8cf66d28a0fe29673c2077f283e7657b&amp;scene=21#wechat_redirect\" data-linktype=\"2\">strongSwan\u4e4bipsec.conf\u914d\u7f6e\u624b\u518c<\/a>\uff09\u548c\uff08<a href=\"http:\/\/mp.weixin.qq.com\/s?__biz=Mzg3NjY2MzMxMg==&amp;mid=2247485459&amp;idx=2&amp;sn=c80fba39974ab732321df1fbe3016786&amp;chksm=cf2f8f6cf858067a07dd267472a59a7d45a0aa2eca2abec4c5dae771067f0b064c0dbff654da&amp;scene=21#wechat_redirect\" data-linktype=\"2\">strongSwan\u4e4bipsec.secrets\u914d\u7f6e\u624b\u518c<\/a>\uff09\u3002<\/p>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-3b902471fb5ed3b655dcf0d0de85e1f7.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-3b902471fb5ed3b655dcf0d0de85e1f7.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.288981288981289\" data-type=\"png\" data-w=\"481\" \/><\/div><\/p>\n<section>\n<section style=\"margin: 10px auto;\">\n<section style=\"display: flex; justify-content: center; align-items: center;\">\n<section style=\"width: 30px; transform: rotate(0deg);\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" style=\"width: 30px; display: block; height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.8431372549019608\" data-type=\"png\" data-w=\"51\" \/><\/div><\/section>\n<section style=\"flex: 1; padding: 0px 5px 2px; margin: 0px 5px; border-bottom: 1px solid #a6dff2; font-size: 16px; text-align: left; letter-spacing: 1.5px; color: #333;\"><span style=\"color: #3daad6;\"><strong>\u914d\u7f6estrongSwan<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u5728ipsec.conf\u914d\u7f6e\u4e2d\uff0c\u7ed9\u4e86\u4e00\u4e2a\u7b80\u5355\u7684\u914d\u7f6e\u5b9e\u4f8b\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"makefile\"><code><span class=\"code-snippet_outer\">conn snt<\/span><\/code><code><span class=\"code-snippet_outer\">  left=192.168.0.1<\/span><\/code><code><span class=\"code-snippet_outer\">  leftsubnet=10.1.0.0\/16<\/span><\/code><code><span class=\"code-snippet_outer\">  right=192.168.0.2<\/span><\/code><code><span class=\"code-snippet_outer\">  rightsubnet=10.1.0.0\/16<\/span><\/code><code><span class=\"code-snippet_outer\">  keyingtries=%forever<\/span><\/code><code><span class=\"code-snippet_outer\">  auto=add<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u7b80\u5355\u7406\u89e3\u4e00\u4e0b\uff0c\u914d\u7f6e\u6587\u4ef6\u4e2d\u7684<strong>left\u8868\u793a\u4e3a\u672c\u7aef\uff0cright\u8868\u793a\u4e3a\u5bf9\u7aef<\/strong>\uff1b<strong>leftsubnet\u548crightsubnet\u5c31\u662f\u5bf9\u5e94\u7684\u79c1\u7f51\u7f51\u6bb5<\/strong>\uff0c\u5982\u679c\u6709\u591a\u4e2a\uff0c\u7528\u9017\u53f7\u9694\u5f00\u5c31\u884c\u4e86\uff0c\u5982\u679c\u8981\u6307\u5b9a\u7aef\u53e3\u53f7.<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"ini\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attr\">leftsubnet<\/span>=<span class=\"code-snippet__number\">10.0<\/span>.<span class=\"code-snippet__number\">0.1<\/span>[tcp\/http],<span class=\"code-snippet__number\">10.0<\/span>.<span class=\"code-snippet__number\">0.2<\/span>[<span class=\"code-snippet__number\">6<\/span>\/<span class=\"code-snippet__number\">80<\/span>]<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\"><strong>keyingtries\u8868\u793a\u5728\u653e\u5f03\u534f\u5546\u4e4b\u524d\u5e94\u8be5\u8fdb\u884c\u591a\u5c11\u6b21\u5c1d\u8bd5<\/strong>\uff0c\u9ed8\u8ba4\u503c\u4e3a3\uff1b<strong>auto\u8868\u793aIPsec\u5728\u542f\u52a8\u65f6\u5e94\u81ea\u52a8\u6267\u884c\u4ec0\u4e48\u64cd\u4f5c<\/strong>\uff0cadd\u8868\u793a\u52a0\u8f7d\u8fde\u63a5\u800c\u4e0d\u542f\u52a8\u5b83\u3002\u66f4<strong>\u63a8\u8350\u4f7f\u7528route\uff0c \u8868\u793a\u52a0\u8f7d\u8fde\u63a5\u5e76\u5b89\u88c5\u5230\u5185\u6838\uff0c\u5982\u679c\u68c0\u6d4b\u5230\u672c\u7aef\u5b50\u7f51\u548c\u5bf9\u7aef\u5b50\u7f51\u4e4b\u95f4\u7684\u6d41\u91cf\uff0c\u5219\u5efa\u7acb\u8fde\u63a5<\/strong>\u3002<\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u5728\u56de\u987e\u4e00\u4e0b\u901a\u8fc7IKE\u5efa\u7acbIPsec\u7684\u8fc7\u7a0b\uff0cIKE\u4e3aIPsec\u534f\u5546\u5efa\u7acbSA\uff0c\u5e76\u628a\u5efa\u7acb\u7684\u53c2\u6570\u4ea4\u7ed9IPsec\uff0cIPsec\u4f7f\u7528IKE\u5efa\u7acb\u7684SA\u5bf9IP\u62a5\u6587\u52a0\u5bc6\u6216\u8ba4\u8bc1\u5904\u7406\u3002IKE\u534f\u5546\u5206\u4e3a\u4e24\u4e2a\u9636\u6bb5\uff0c<strong>\u7b2c\u4e00\u9636\u6bb5\u5efa\u7acbIKE SA<\/strong>\uff0c\u534f\u5546\u6a21\u5f0f\u53ef\u5206\u4e3a<strong>\u4e3b\u6a21\u5f0f\uff08Main Mode\uff09<\/strong>\u548c<strong>\u91ce\u86ee\u6a21\u5f0f\uff08Aggressive Mode\uff09<\/strong>\uff1b<strong>\u7b2c\u4e8c\u9636\u6bb5\u5efa\u7acbIPsec SA<\/strong>\uff0c\u5c31\u662f<strong>\u5feb\u901f\u6a21\u5f0f\uff08Quick Mode\uff09<\/strong>\u3002<\/p>\n<section>\n<section style=\"margin: 10px auto;\">\n<section style=\"display: flex; justify-content: center; align-items: center;\">\n<section style=\"width: 30px; transform: rotate(0deg);\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" style=\"width: 30px; display: block; height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.8431372549019608\" data-type=\"png\" data-w=\"51\" \/><\/div><\/section>\n<section style=\"flex: 1; padding: 0px 5px 2px; margin: 0px 5px; border-bottom: 1px solid #a6dff2; font-size: 16px; text-align: left; letter-spacing: 1.5px; color: #333;\"><span style=\"color: #3daad6;\"><strong>\u7b2c\u4e00\u9636\u6bb5<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u5982\u679c\u662f\u534e\u4e09\u8def\u7531\u5668\uff0c\u6211\u4eec\u5728\u7b2c\u4e00\u9636\u6bb5\u8981\u9009\u62e9\u534f\u5546\u6a21\u5f0f\uff0c\u9ed8\u8ba4\u4e3a\u4e3b\u6a21\u5f0f\uff0cstrongSwan\u4e5f\u4e00\u6837\uff0c\u5982\u679c\u8981\u4f7f\u7528\u91ce\u86ee\u6a21\u5f0f\uff0c\u8981\u914d\u7f6eaggressive = yes\u3002<\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u8fd8\u8981\u914d\u7f6e\u9ed8\u8ba4\u7684\u5b89\u5168\u63d0\u8bae\uff0c\u5305\u62ec\u8ba4\u8bc1\u65b9\u5f0f\uff0c\u6211\u4eec\u4e00\u822c\u914d\u7f6ePSK\uff0c\u4f46\u662fstrongSwan\u9ed8\u8ba4\u662f\u5e26\u516c\u94a5\u7684\u5bc6\u94a5\uff0c\u9700\u8981\u4fee\u6539\u4e3aPSK\uff0c\u547d\u4ee4\u4e3aauthby=psk\u3002\u8fd8\u8981\u914d\u7f6e\u5bf9\u7aef\u4fe1\u606f\uff0c\u5e38\u7528\u914d\u7f6e\u547d\u4ee4\u5982\u4e0b\uff1a<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"css\"><code><span class=\"code-snippet_outer\">#<\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__selector-tag\">ike<\/span> <span class=\"code-snippet__selector-tag\">keychain<\/span> <span class=\"code-snippet__selector-tag\">swan<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__selector-tag\">pre-shared-key<\/span> <span class=\"code-snippet__selector-tag\">address<\/span> 12<span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.2<\/span> 255<span class=\"code-snippet__selector-class\">.255<\/span><span class=\"code-snippet__selector-class\">.255<\/span><span class=\"code-snippet__selector-class\">.0<\/span> <span class=\"code-snippet__selector-tag\">key<\/span> <span class=\"code-snippet__selector-tag\">simple<\/span> <span class=\"code-snippet__selector-tag\">swan<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">#<\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__selector-tag\">ike<\/span> <span class=\"code-snippet__selector-tag\">profile<\/span> <span class=\"code-snippet__selector-tag\">swan<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__selector-tag\">keychain<\/span>\u00a0<span class=\"code-snippet__selector-tag\">swan<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__selector-tag\">match<\/span> <span class=\"code-snippet__selector-tag\">remote<\/span> <span class=\"code-snippet__selector-tag\">identity<\/span> <span class=\"code-snippet__selector-tag\">address<\/span> 12<span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.2<\/span> 255<span class=\"code-snippet__selector-class\">.255<\/span><span class=\"code-snippet__selector-class\">.255<\/span><span class=\"code-snippet__selector-class\">.0<\/span><\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u653e\u5230strongSwan\u4e2d\uff0c\u8981\u914d\u7f6e2\u4e2a\u6587\u4ef6\uff0cipsec.secrets\u4e2d\u914d\u7f6e\u9884\u5171\u4eab\u5bc6\u94a5\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">vi<\/span> \/etc\/strongswan\/ipsec.secrets<\/span><\/code><\/pre>\n<\/section>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"css\"><code><span class=\"code-snippet_outer\">12<span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span> 12<span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.2<\/span> : <span class=\"code-snippet__selector-tag\">PSK<\/span> <span class=\"code-snippet__selector-tag\">swan<\/span><\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">ipsec.conf\u4e2d\u914d\u7f6e\u8ba4\u8bc1\u65b9\u5f0f\u548cIKE\u7248\u672c\uff0c\u6307\u5b9a\u672c\u7aef\u548c\u5bf9\u7aef\u8eab\u4efd\u4fe1\u606f\uff0c\u56e0\u4e3aleftid\u9ed8\u8ba4\u662f\u53d6left\u7684\u503c\uff0c\u6240\u4ee5\u5982\u679c\u6ca1\u6709\u7279\u6b8a\u8981\u6c42\uff0c\u53ef\u4ee5\u4e0d\u5fc5\u91cd\u590d\u914d\u7f6e\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">vi<\/span> \/etc\/strongswan\/ipsec.conf<\/span><\/code><\/pre>\n<\/section>\n<section class=\"code-snippet__fix code-snippet__js\">&nbsp;<\/p>\n<pre class=\"code-snippet__js\" data-lang=\"makefile\"><code><span class=\"code-snippet_outer\">conn swan<\/span><\/code><code><span class=\"code-snippet_outer\">  authby=psk<\/span><\/code><code><span class=\"code-snippet_outer\">  keyexchange=ikev1<\/span><\/code><code><span class=\"code-snippet_outer\">  left=12.1.1.1<\/span><\/code><code><span class=\"code-snippet_outer\">  right=12.1.1.2<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u518d\u4e00\u4e2a\u6bd4\u8f83\u5173\u952e\u7684\u914d\u7f6e\u5c31\u662f\u7b97\u6cd5\uff0c\u5305\u62ec\u52a0\u5bc6\u7b97\u6cd5\u3001\u9a8c\u8bc1\u7b97\u6cd5\u3001\u5bc6\u94a5\u52a0\u5bc6\u7b97\u6cd5\u3002strongSwan\u4e2d\uff0c\u9ed8\u8ba4\u7684\u7b97\u6cd5\u4e3aike = aes128-sha256-modp3072\uff0c\u5176\u4e2daes128\u6307aes-cbc-128\uff0c\u4e3a\u52a0\u5bc6\u7b97\u6cd5\uff1bsha256\u5c31\u662fsha256\uff0c\u4e3a\u9a8c\u8bc1\u7b97\u6cd5\uff1bmodp3072\u4e3a\u5bc6\u94a5\u52a0\u5bc6\u7b97\u6cd5\u3002\u5f53\u7136\uff0c\u8fd9\u4e2a\u53ef\u4ee5\u76f4\u63a5\u4f7f\u7528\u9ed8\u8ba4\u914d\u7f6e\u3002<\/p>\n<section>\n<section style=\"margin: 10px auto;\">\n<section style=\"display: flex; justify-content: center; align-items: center;\">\n<section style=\"width: 30px; transform: rotate(0deg);\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" style=\"width: 30px; display: block; height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.8431372549019608\" data-type=\"png\" data-w=\"51\" \/><\/div><\/section>\n<section style=\"flex: 1; padding: 0px 5px 2px; margin: 0px 5px; border-bottom: 1px solid #a6dff2; font-size: 16px; text-align: left; letter-spacing: 1.5px; color: #333;\"><span style=\"color: #3daad6;\"><strong>\u7b2c\u4e8c\u9636\u6bb5<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u5982\u679c\u662f\u534e\u4e09\u8def\u7531\u5668\uff0c\u6211\u4eec\u5728\u7b2c\u4e8c\u9636\u6bb5\u8981\u914d\u7f6eIPsec\u7b56\u7565\u7684\u76f8\u5173\u4fe1\u606f\uff0c\u6bd4\u5982\u611f\u5174\u8da3\u6d41ACL\u3002\u5728strongSwan\u4e2d\uff0c\u662f\u901a\u8fc7\u914d\u7f6e\u672c\u7aef\u79c1\u7f51\u548c\u5bf9\u7aef\u79c1\u7f51\u6765\u5b9e\u73b0\u7684\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"css\"><code><span class=\"code-snippet_outer\">#<\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__selector-tag\">acl<\/span> <span class=\"code-snippet__selector-tag\">advanced<\/span> 3402<\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__selector-tag\">rule<\/span> 0 <span class=\"code-snippet__selector-tag\">permit<\/span> <span class=\"code-snippet__selector-tag\">ip<\/span> <span class=\"code-snippet__selector-tag\">source<\/span> 11<span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.0<\/span> 0<span class=\"code-snippet__selector-class\">.0<\/span><span class=\"code-snippet__selector-class\">.0<\/span><span class=\"code-snippet__selector-class\">.255<\/span> <span class=\"code-snippet__selector-tag\">destination<\/span> 22<span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.1<\/span><span class=\"code-snippet__selector-class\">.0<\/span> 0<span class=\"code-snippet__selector-class\">.0<\/span><span class=\"code-snippet__selector-class\">.0<\/span><span class=\"code-snippet__selector-class\">.255<\/span><\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u5728strongSwan\u4e2d\uff0c\u662f\u901a\u8fc7\u914d\u7f6e\u672c\u7aef\u79c1\u7f51\u548c\u5bf9\u7aef\u79c1\u7f51\u6765\u5b9e\u73b0\u7684\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"makefile\"><code><span class=\"code-snippet_outer\">conn swan<\/span><\/code><code><span class=\"code-snippet_outer\">  leftsubnet=11.1.1.0\/24<\/span><\/code><code><span class=\"code-snippet_outer\">  rightsubnet=22.1.1.0\/24<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u7136\u540e\u5c31\u662f\u52a0\u5bc6\u6a21\u5f0f\u548c\u52a0\u5bc6\u7b97\u6cd5\uff0c\u534e\u4e09\u8def\u7531\u5668\u9ed8\u8ba4\u7684\u52a0\u5bc6\u6a21\u5f0f\u4e3aESP\uff0c\u9ed8\u8ba4\u662f\u672a\u91c7\u7528\u4efb\u4f55\u52a0\u5bc6\u7b97\u6cd5\u7684\uff0c\u9700\u8981\u624b\u5de5\u914d\u7f6e\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"properties\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__comment\">#<\/span><\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attr\">ipsec<\/span> <span class=\"code-snippet__string\">transform-set swan<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__attr\">esp<\/span> <span class=\"code-snippet__string\">encryption-algorithm aes-cbc-128<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__attr\">esp<\/span> <span class=\"code-snippet__string\">authentication-algorithm sha1<\/span><\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">strongSwan\u9ed8\u8ba4\u4e5f\u662f\u4f7f\u7528ESP\uff0c\u4f46\u662f\u4e0d\u50cf\u534e\u4e09\u8bbe\u5907\u4e00\u6837\u652f\u6301\u540c\u65f6\u4f7f\u7528AH+ESP\uff0c\u4ec5\u80fd\u4f7f\u7528\u5176\u4e2d\u4e00\u79cd\uff0cESP\u7684\u9ed8\u8ba4\u52a0\u5bc6\u7b97\u6cd5-\u9a8c\u8bc1\u7b97\u6cd5\u4e3aaes128-sha256\u3002\u5f53\u7136\uff0c\u8fd9\u4e2a\u4e5f\u53ef\u4ee5\u76f4\u63a5\u4f7f\u7528\u9ed8\u8ba4\u914d\u7f6e\u3002<\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u518d\u6709\u5c31\u662f\u62a5\u6587\u5c01\u88c5\u6a21\u5f0f\uff0c\u4e24\u8005\u9ed8\u8ba4\u90fd\u662f<strong>\u96a7\u9053\uff08tunnel\uff09\u6a21\u5f0f<\/strong>\uff0c\u56e0\u4e3a<strong>\u4f20\u8f93\uff08transport\uff09\u6a21\u5f0f<\/strong>\u4e0d\u7b26\u5408\u4f7f\u7528\u573a\u666f\u3002<\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u5982\u679c\u662f\u534e\u4e09\u8bbe\u5907\uff0c\u8fd8\u8981\u518d\u628a\u914d\u7f6e\u7ec4\u88c5\u4e00\u904d\uff0c\u50cf\u4e0b\u9762\u8fd9\u6837\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"sql\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__comment\">#<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">ipsec policy swan 10 isakmp<\/span><\/code><code><span class=\"code-snippet_outer\">  transform-<span class=\"code-snippet__keyword\">set<\/span> swan<\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__keyword\">security<\/span> acl <span class=\"code-snippet__number\">3402<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__keyword\">local<\/span>-address <span class=\"code-snippet__number\">192.168<\/span><span class=\"code-snippet__number\">.1<\/span><span class=\"code-snippet__number\">.216<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  remote-address <span class=\"code-snippet__number\">192.168<\/span><span class=\"code-snippet__number\">.1<\/span><span class=\"code-snippet__number\">.143<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  ike-profile swan<\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__comment\">#<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  <span class=\"code-snippet__keyword\">interface<\/span> GigabitEthernet1\/<span class=\"code-snippet__number\">0<\/span><\/span><\/code><code><span class=\"code-snippet_outer\">  ipsec <span class=\"code-snippet__keyword\">apply<\/span> <span class=\"code-snippet__keyword\">policy<\/span> swan<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u4f46\u662fstrongSwan\u5c31\u4e0d\u7528\u4e86\uff0c\u524d\u9762\u62fc\u5b8c\u5c31\u662f\u5b8c\u6574\u7684\u914d\u7f6e\u6587\u4ef6\u4e86\u3002ipsec.conf\u914d\u7f6e\u6587\u4ef6\u5982\u4e0b\uff1a<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">cat<\/span> \/etc\/strongswan\/ipsec.conf<\/span><\/code><\/pre>\n<\/section>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"makefile\"><code><span class=\"code-snippet_outer\">conn swan<\/span><\/code><code><span class=\"code-snippet_outer\">  authby = psk<\/span><\/code><code><span class=\"code-snippet_outer\">  keyexchange=ikev1<\/span><\/code><code><span class=\"code-snippet_outer\">  left=12.1.1.1<\/span><\/code><code><span class=\"code-snippet_outer\">  leftsubnet=11.1.1.0\/24<\/span><\/code><code><span class=\"code-snippet_outer\">  right=12.1.1.2<\/span><\/code><code><span class=\"code-snippet_outer\">  rightsubnet=22.1.1.0\/24<\/span><\/code><code><span class=\"code-snippet_outer\">  auto=route<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">ipsec.secrets\u914d\u7f6e\u6587\u4ef6\u5982\u4e0b\uff1a<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">cat<\/span> \/etc\/strongswan\/ipsec.secrets<\/span><\/code><\/pre>\n<\/section>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\">12.1.1.1 12.1.1.2 : <span class=\"code-snippet__attribute\">PSK<\/span> swan<\/span><\/code><\/pre>\n<\/section>\n<section>\n<section style=\"margin: 10px auto;\">\n<section style=\"display: flex; justify-content: center; align-items: center;\">\n<section style=\"width: 30px; transform: rotate(0deg);\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" style=\"width: 30px; display: block; height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-d9704f0830f2e6582ade16253231cad8.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.8431372549019608\" data-type=\"png\" data-w=\"51\" \/><\/div><\/section>\n<section style=\"flex: 1; padding: 0px 5px 2px; margin: 0px 5px; border-bottom: 1px solid #a6dff2; font-size: 16px; text-align: left; letter-spacing: 1.5px; color: #333;\"><span style=\"color: #3daad6;\"><strong>\u9a8c\u8bc1\u914d\u7f6e<\/strong><\/span><\/section>\n<\/section>\n<\/section>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u914d\u7f6e\u5b8c\u6210\u4e4b\u540e\u542f\u52a8strongSwan\u670d\u52a1\u5e76\u4f7f\u80fd\u5f00\u673a\u81ea\u542f\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"properties\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attr\">systemctl<\/span> <span class=\"code-snippet__string\">start strongswan<\/span><\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attr\">systemctl<\/span> <span class=\"code-snippet__string\">enable strongswan<\/span><\/span><\/code><\/pre>\n<\/section>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-54dbbf9cfbbd7f980709eba0bb50d20e.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-54dbbf9cfbbd7f980709eba0bb50d20e.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.42650602409638555\" data-type=\"png\" data-w=\"830\" \/><\/div><\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u540c\u7406\uff0c\u914d\u7f6e\u4e3b\u673aLinux2\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"makefile\"><code><span class=\"code-snippet_outer\">cat \/etc\/strongswan\/ipsec.conf<\/span><\/code><code><span class=\"code-snippet_outer\">conn swan<\/span><\/code><code><span class=\"code-snippet_outer\">  authby = psk<\/span><\/code><code><span class=\"code-snippet_outer\">  keyexchange=ikev1<\/span><\/code><code><span class=\"code-snippet_outer\">  left=12.1.1.2<\/span><\/code><code><span class=\"code-snippet_outer\">  leftsubnet=22.1.1.0\/24<\/span><\/code><code><span class=\"code-snippet_outer\">  right=12.1.1.1<\/span><\/code><code><span class=\"code-snippet_outer\">  rightsubnet=11.1.1.0\/24<\/span><\/code><code><span class=\"code-snippet_outer\">  auto=route<\/span><\/code><\/pre>\n<\/section>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">cat<\/span> \/etc\/strongswan\/ipsec.secrets<\/span><\/code><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__number\">12.1.1.2<\/span> <span class=\"code-snippet__number\">12.1.1.1<\/span> : PSK swan<\/span><\/code><\/pre>\n<\/section>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u76f4\u63a5\u7528Host1\u5411Host2\u53d1\u8d77ping\u6d4b\u8bd5\u3002<\/p>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-a74da1185c75b5e411fc68059285f403.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-a74da1185c75b5e411fc68059285f403.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.2807017543859649\" data-type=\"png\" data-w=\"513\" \/><\/div><\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u53ef\u4ee5\u770b\u5230\uff0c\u4e5f\u662f\u4e22\u4e86\u7b2c\u4e00\u4e2a\u5305\uff0c\u5e94\u8be5\u662f\u53bb\u51fa\u53d1IKE SA\u548cIPsec SA\u7684\u5efa\u7acb\u4e86\u3002\u67e5\u770bstrongSwan\u72b6\u6001\u4fe1\u606f\u3002<\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">strongswan<\/span> status<\/span><\/code><\/pre>\n<\/section>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-5ad312fe4065105aaf3181b0dbe99d9e.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-5ad312fe4065105aaf3181b0dbe99d9e.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.20411160058737152\" data-type=\"png\" data-w=\"681\" \/><\/div><\/p>\n<section class=\"code-snippet__fix code-snippet__js\">\n<pre class=\"code-snippet__js\" data-lang=\"nginx\"><code><span class=\"code-snippet_outer\"><span class=\"code-snippet__attribute\">strongswan<\/span> statusall<\/span><\/code><\/pre>\n<\/section>\n<p style=\"margin-top: 5px; margin-bottom: 5px; text-indent: 0em;\"><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-e33623af7dab14a1719795e06b57dfcd.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" class=\"rich_pages wxw-img\" style=\"height: auto !important;\" data-original=\"https:\/\/www.xh86.me\/wp-content\/uploads\/2022\/04\/wxsync-2022-04-e33623af7dab14a1719795e06b57dfcd.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" data-ratio=\"0.6880856760374833\" data-type=\"png\" data-w=\"747\" \/><\/div><\/p>\n<p style=\"text-indent: 2em; margin-top: 5px; margin-bottom: 5px;\">\u8fd9\u91cc\u9762\uff0cSecurity Associations\u5c31\u662f\u5b89\u5168\u8054\u76dfSA\uff0c\u540e\u9762\u662f1\u7684\u5c31\u662f\u4e00\u9636\u6bb5\uff0c\u4e5f\u5c31\u662f\u5bf9\u5e94\u7684IKE SA\uff1b\u540e\u9762\u662f2\u7684\u5c31\u662f\u4e8c\u9636\u6bb5\uff0c\u4e5f\u5c31\u662f\u5bf9\u5e94\u7684IPsec SA\u3002<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; strongSwan\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u57fa\u4e8eIPsec\u7684VPN\u89e3\u51b3\u65b9\u6848\uff0c\u6700\u8fd1\u8981\u7528\u5230strongSwan\u6765 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19,2],"tags":[],"class_list":["post-6835","post","type-post","status-publish","format-standard","hentry","category-19","category-network"],"_links":{"self":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/6835","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6835"}],"version-history":[{"count":1,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/6835\/revisions"}],"predecessor-version":[{"id":7772,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/6835\/revisions\/7772"}],"wp:attachment":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6835"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6835"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6835"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}