编译安装 openswan-2.6.34
?因為RHEL5.4 自帶的OPENSWAN -2.6.21-5.el5無法生成RSA key
(問題為 Error Generating a new ipsec hostkey? http://www.centos.org/forums/viewtopic.php?t=20620),
所以源碼安裝openswan
1? 下載openswan:
wget? http://www.openswan.org/download/openswan-2.6.34.tar.gz
?
2? 編譯安裝
編譯安裝之前,先確保安裝了 gcc kernel-devel kernel-header gmp gmp-devel gawk flex bison,
tar? -zxvf?? openswan-2.6.34.tar.gz
make programs
make install
depmod? -a
3? 設置openswan運行所需的環境:
vim? /etc/sysctl.conf
?net.ipv4.ip_forward=1
?net.ipv4.conf.default.rp_filer= 0
settings for ipsec:
vim ipsec_env_settings.sh
#!/bin/bash
for i in /proc/sys/net/ipv4/conf/*/send_redirects
do
??? echo "0" > $i
done
for i in /proc/sys/net/ipv4/conf/*/accept_redirects
do
??? echo "0" > $i
done
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/core/xfrm_larval_drop
echo "0" > /selinux/enforce? #disable selinux
?
4? 啟動IPSEC
service ipsec start OR /etc/init.d/ipsec start
5? 驗證運行是否正常
ipsec? verify
轉載于:https://www.cnblogs.com/slips/p/3416087.html
總結
以上是生活随笔為你收集整理的编译安装 openswan-2.6.34的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 大型ERP等数据库系统常见几种设计---
- 下一篇: 安全通信