在 WD PR4100 上安装并设置 IKEv2/IPsec

tag-icon tag-icon vpn nas busybox
在 WD PR4100 上安装并设置 IKEv2/IPsec

我有一台 WD PR4100 NAS,想设置 IKEv2/IPsec VPN 隧道。目前,我正在使用已安装的 OpenVPN。

我相信该系统是基于 BusyBox 的。关于如何安装软件包依赖项和设置连接,有什么建议吗?具体来说,我正在尝试连接本教程。我目前正在研究 docker 实现。但是,如果我可以本地安装并设置连接而不是使用 docker,那就更好了。

我发现唯一可以充当客户端的docker(其他的只能充当服务器)是,尽管当我按照上述方式编辑文件时教程,然后运行

docker rm strongswan; docker run --net=host -v $PWD/config/strongswan.conf:/etc/strongswan.conf -v $PWD/config/ipsec.conf:/etc/ipsec.conf -v $PWD/config/ipsec.secrets:/etc/ipsec.secrets -v $PWD/config/ipsec.d:/etc/ipsec.d --name=strongswan stanback/alpine-strongswan-vpn

我得到以下输出

Starting strongSwan 5.6.1 IPsec [starter]...
modprobe: can't change directory to '/lib/modules': No such file or directory
no netkey IPsec stack detected
modprobe: can't change directory to '/lib/modules': No such file or directory
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
00[DMN] Starting IKE charon daemon (strongSwan 5.6.1, Linux 4.1.13, x86_64)
00[KNL] unable to create netlink socket: Protocol not supported (93)
00[NET] installing IKE bypass policy failed
00[NET] installing IKE bypass policy failed
00[NET] enabling UDP decapsulation for IPv6 on port 4500 failed
00[NET] installing IKE bypass policy failed
00[NET] installing IKE bypass policy failed
00[NET] enabling UDP decapsulation for IPv4 on port 4500 failed
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon' has unmet dependency: CUSTOM:kernel-ipsec
00[KNL] received netlink error: Operation not permitted (1)
00[KNL] unable to create IPv4 routing table rule
00[KNL] received netlink error: Operation not permitted (1)
00[KNL] unable to create IPv6 routing table rule
00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
00[LIB]   file coded in unknown format, discarded
00[LIB] building CRED_CERTIFICATE - X509 failed, tried 4 builders
00[CFG]   loading ca certificate from '/etc/ipsec.d/cacerts/caCert.pem' failed
00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
00[CFG] loading crls from '/etc/ipsec.d/crls'
00[CFG] loading secrets from '/etc/ipsec.secrets'
00[CFG]   loaded EAP secret for [email protected]
00[CFG] loaded 0 RADIUS server configurations
00[LIB] failed to load 1 critical plugin feature
00[DMN] initialization failed - aborting charon
00[KNL] received netlink error: Operation not permitted (1)
00[KNL] received netlink error: Operation not permitted (1)
charon has quit: initialization failed
charon refused to be started
ipsec starter stopped

除此之外,我不知道是否有可能单独安装所有内容而不使用 docker,因为据我所知基于 BusyBox 的系统是有限的。

答案1

--privileged我设法通过运行带有标志的容器来解决此问题

相关内容