平台debian 7 x86_64
1,安装strongswan
apt-get update
apt-get upgrade -y
yes |cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
apt-get install -y libpam0g-dev libssl-dev make gcc
wget https://download.strongswan.org/strongswan-5.5.1.tar.gz
tar xzf strongswan-5.5.1.tar.gz
cd /root/strongswan-5.5.1/
./configure --enable-eap-identity --enable-eap-md5 \
--enable-eap-mschapv2 --enable-eap-tls --enable-eap-ttls --enable-eap-peap \
--enable-eap-tnc --enable-eap-dynamic --enable-eap-radius --enable-xauth-eap \
--enable-xauth-pam --enable-dhcp --enable-openssl --enable-addrblock --enable-unity \
--enable-certexpire --enable-radattr --enable-tools --enable-openssl --disable-gmp
make && make install
2,生成秘钥证书
ipsec pki --gen --outform pem > /root/ca.pem
ipsec pki --self --in ca.pem --dn "C=cc, O=sswan, CN=VPNCA" --ca --outform pem >/root/ca.cert.pem
ipsec pki --gen --outform pem > /root/server.