Skip to content

Instantly share code, notes, and snippets.

@jason5ng32
jason5ng32 / ocservauto.sh
Last active March 1, 2021 14:21
在 Debian 7+ 自动安装 Ocserv ( Anyconnect VPN ) ,来自 http://www.fanyueciyuan.info/fq/ocserv-debian.html
#!/bin/bash
#===============================================================================================
# System Required: Debian 7+
# Description: Install OpenConnect VPN server for Debian
# Ocservauto For Debian Copyright (C) liyangyijie released under GNU GPLv2
# Ocservauto For Debian Is Based On SSLVPNauto v0.1-A1
# SSLVPNauto v0.1-A1 For Debian Copyright (C) Alex Fang [email protected] released under GNU GPLv2
# Date: 2015-07-10
# Thanks For
@jason5ng32
jason5ng32 / surge.conf
Last active November 6, 2024 06:39
Surge Configs ( for 2.x )
[General]
loglevel = notify
skip-proxy = 127.0.0.1, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 100.64.0.0/10, localhost, *.local, ::ffff:0:0:0:0/1, ::ffff:128:0:0:0/1
bypass-tun = 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12
# dns-server = 119.29.29.29,223.5.5.5,114.114.115.115
# external-controller-access = [email protected]:6155
# ipv6 = true
// REMEMBER TO CHANGE THE external-controller-access' PASSWORD
@bao3
bao3 / profile.xml
Last active September 21, 2017 02:59
用于 ocserv的profile.xml,会自动被思科客户端读取。这个配置文件有两个服务地址( VPN Server和 Full VPN Server),前者是区分路由模式的,后者是同一台服务不同端口的完全走VPN的模式。你可以在此基础上加入休眠后自动恢复项等等,但是请切记,一旦你改错了这个文档就会造成服务器不认证书或者客户端干脆禁止你连接。救赎的方法。。。。可耻的匿了。
<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
<ClientInitialization>
<UseStartBeforeLogon UserControllable="false">false</UseStartBeforeLogon>
<StrictCertificateTrust>false</StrictCertificateTrust>
<RestrictPreferenceCaching>false</RestrictPreferenceCaching>
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
<BypassDownloader>true</BypassDownloader>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>

测试平台:DigitalOcean VPS ubuntu14.04 x64, strongswan5.2.2

运行以下命令请使用root权限

一:安装strongswan

由于ubuntu软件仓库中strongswan版本较低,因此从官网源码编译安装

apt-get install build-essential     #编译环境
aptitude install libgmp10 libgmp3-dev libssl-dev pkg-config libpcsclite-dev libpam0g-dev     #编译所需要的软件