Running ipsec start fails on Ubuntu 20.04 in WSL2

I am using StrongSwan to set up a VPN connection to my office network. This is running on Ubuntu 20.04, under WSL2 with a Windows 10 host.

Steps

Here are the complete steps I performed.

  1. Installation:
sudo apt install strongswan libstrongswan-extra-plugins libcharon-extra-plugins
  2. /etc/ipsec.conf:
conn office
    keyexchange=ikev2
    type=tunnel
    #ike=aes256-sha1-modp1024,3des-sha1-modp1024!
    #esp=aes256-sha1,3des-sha1!
    forceencaps=yes
    lifetime=1800
    rightsendcert=always
    rightsubnet=0.0.0.0/0
    #rightsubnet=%dynamic
    #rightsourceip=%config4
    #rightfirewall=yes
    rightauth=pubkey
    left=%defaultroute
    #leftsubnet=%dynamic
    leftsourceip=%config4
    leftid=any
    leftauth=eap-mschapv2
    eap_identity=user.name
    auto=add
include /etc/ipsec.conf.office
  3. /etc/ipsec.conf.office:
conn office-staging
    also=office
    right=office-staging.office.fqdn.here
    rightid=office-staging.office.fqdn.here
  4. /etc/ipsec.secrets:
# This file holds shared secrets or RSA private keys for authentication.

# RSA private key for this host, authenticating it to any other host
# which knows the public part.

include /var/lib/strongswan/ipsec.secrets.inc
  5. /var/lib/strongswan/ipsec.secrets.inc:
user.name: EAP password

Error

When I run sudo ipsec start, it does not work. Here is the log when I pass the --nofork parameter:

Starting strongSwan 5.6.2 IPsec [starter]...
no netkey IPsec stack detected
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
00[DMN] Starting IKE charon daemon (strongSwan 5.6.2, Linux 4.4.0-19041-Microsoft, x86_64)
00[CFG] PKCS11 module '<name>' lacks library path
00[CFG] disabling load-tester plugin, not configured
00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
00[NET] opening ARP packet socket failed: Address family not supported by protocol
00[LIB] plugin 'farp': failed to load - farp_plugin_create returned NULL
00[KNL] unable to create netlink socket: Protocol not supported (93)
00[NET] installing IKE bypass policy failed
00[NET] installing IKE bypass policy failed
00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed
00[NET] installing IKE bypass policy failed
00[NET] installing IKE bypass policy failed
00[NET] enabling UDP decapsulation for IPv4 on port 4500 failed
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet dependency: CUSTOM:kernel-ipsec
00[CFG] dnscert plugin is disabled
00[CFG] ipseckey plugin is disabled
00[CFG] attr-sql plugin: database URI not set
00[KNL] netlink write error: Operation not supported
00[KNL] unable to create IPv4 routing table rule
00[KNL] netlink write error: Operation not supported
00[KNL] unable to create IPv6 routing table rule
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[CFG]   loaded ca certificate "C=US, O=Internet Security Research Group, CN=ISRG Root X1" from '/etc/ipsec.d/cacerts/isrgrootx1.pem'
00[CFG]   loaded ca certificate "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3" from '/etc/ipsec.d/cacerts/letsencryptauthorityx3.pem'
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG] loading secrets from '/var/lib/strongswan/ipsec.secrets.inc'
00[CFG]   loaded EAP secret for user.name
00[CFG] sql plugin: database URI not set
00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
00[CFG] eap-simaka-sql database URI missing
00[CFG] loaded 0 RADIUS server configurations
00[NET] opening DHCP receive socket failed: Address family not supported by protocol
00[CFG] HA config misses local/remote address
00[CFG] no threshold configured for systime-fix, disabled
00[CFG] coupling file path unspecified
00[LIB] failed to load 1 critical plugin feature
00[DMN] initialization failed - aborting charon
00[KNL] netlink write error: Operation not supported
00[KNL] netlink write error: Operation not supported
charon has quit: initialization failed
charon refused to be started
ipsec starter stopped

Any idea what I might have missed? Thanks in advance.
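The decisive lines in the log above are "unable to create netlink socket: Protocol not supported (93)" and "feature CUSTOM:libcharon in critical plugin 'charon' has unmet dependency: CUSTOM:kernel-ipsec": strongSwan's kernel-netlink plugin needs the kernel's XFRM netlink interface (CONFIG_XFRM_USER), and without any kernel IPsec backend charon aborts before the configuration is even looked at. The following script is an added example, not part of the original post, for checking a kernel config for that support before touching ipsec.conf. It assumes the config is available as plain text (for example from /proc/config.gz, if the kernel exposes it, or /boot/config-$(uname -r)), and the list of required options (CONFIG_XFRM_USER and CONFIG_INET_ESP) is the minimal set assumed here for an IKEv2/ESP tunnel, not an official strongSwan list.

```shell
#!/bin/sh
# Added example (not from the original post): report kernel config options that
# strongSwan's kernel-netlink backend needs but which a kernel config lacks.
# Input: kernel config text, one CONFIG_X=y / CONFIG_X=m / "# CONFIG_X is not set"
# line per row, read from stdin.

# Assumed minimal set: CONFIG_XFRM_USER provides the NETLINK_XFRM socket that the
# log shows failing; CONFIG_INET_ESP provides ESP for IPv4 (the tunnel's data path).
REQUIRED_OPTS="CONFIG_XFRM_USER CONFIG_INET_ESP"

# missing_kernel_opts: print each required option that is absent or disabled,
# one per line. Exit status 0 when nothing is missing, 1 otherwise.
# Both =y (built in) and =m (module) count as present.
missing_kernel_opts() {
    cfg=$(cat)
    missing=0
    for opt in $REQUIRED_OPTS; do
        if printf '%s\n' "$cfg" | grep -q "^${opt}=[ym]\$"; then
            : # present
        else
            printf '%s\n' "$opt"
            missing=1
        fi
    done
    return $missing
}

# Usage: sh check_ipsec_kernel.sh /boot/config-$(uname -r)
#    or: zcat /proc/config.gz > /tmp/kcfg && sh check_ipsec_kernel.sh /tmp/kcfg
# With no argument the functions are only defined (so the file can be sourced).
if [ "$#" -gt 0 ]; then
    if missing_kernel_opts < "$1"; then
        echo "kernel config has the assumed IPsec options; look elsewhere for the failure"
    else
        echo "kernel lacks the options above; charon's kernel-netlink plugin cannot work"
    fi
fi
```

Run it against the WSL2 kernel's config first: if CONFIG_XFRM_USER is reported missing, no change to ipsec.conf or ipsec.secrets will get past the "initialization failed" line, because the failure is in the kernel backend, not in the connection definition.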

Answer 1

WSL2 is not init-based, the way general Linux distributions are.

You will have to find a non-init-based ipsec service that fits your needs.

Or the simpler solution is to set up the tunnel on Windows; WSL should be able to route through that connection automatically.
