{"id":272,"date":"2015-03-18T17:04:02","date_gmt":"2015-03-18T08:04:02","guid":{"rendered":"http:\/\/fsck.jp\/?p=272"},"modified":"2018-05-31T09:03:38","modified_gmt":"2018-05-31T00:03:38","slug":"raspbian%e3%81%abstrongswan-5-x%e3%82%92%e3%82%a4%e3%83%b3%e3%82%b9%e3%83%88%e3%83%bc%e3%83%ab","status":"publish","type":"post","link":"https:\/\/fsck.jp\/?p=272","title":{"rendered":"Raspbian\u306bstrongswan 5.x\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb"},"content":{"rendered":"<p>Raspberry Pi model B+ \u3092\u8cfc\u5165\u3057\u3066 VPN \u7bb1\u306b\u3057\u3088\u3046\u3068\u3057\u305f\u304c\u3001Raspbian OS\u6a19\u6e96\u306estrongswan \u30d1\u30c3\u30b1\u30fc\u30b8 (=debian wheezy\u306e\u30d1\u30c3\u30b1\u30fc\u30b8) \u304c\u3042\u307e\u308a\u306b\u53e4\u3044 (4.5.2) \u306e\u3067\u3001\u30bd\u30fc\u30b9\u304b\u3089 5.x \u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3053\u3068\u306b\u3059\u308b\u3002<\/p>\n<h3>1. \u6a19\u6e96\u30d1\u30c3\u30b1\u30fc\u30b8\u306estrongswan\u3092\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h3>\n<p>\u30a2\u30f3\u30a4\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u524d\u306b\u3001\u8d77\u52d5\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u30d0\u30c3\u30af\u30a2\u30c3\u30d7\u3057\u3066\u304a\u304f\u3002<br \/>\n<code><br \/>\n$ sudo cp \/etc\/init.d\/ipsec \/tmp<\/code><\/p>\n<p>\u305d\u306e\u4e0a\u3067\u3001\u6a19\u6e96\u306estrongswan\u3092\u30a2\u30f3\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u3002<br \/>\n<code><br \/>\n$ sudo apt-get purge libstrongswan strongswan \\<br \/>\nstrongswan-ikev1 strongswan-ikev2 strongswan-starter<\/code><\/p>\n<h3>2. \u30d3\u30eb\u30c9\u306b\u5fc5\u8981\u306a\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h3>\n<p><code>$ sudo apt-get install build-essential<\/code><\/p>\n<h3>3. \u5fc5\u8981\u305d\u3046\u306a\u30e9\u30a4\u30d6\u30e9\u30ea\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h3>\n<p><code>$ sudo apt-get install libgmp-dev libldap2-dev \\<br \/>\nlibcurl4-openssl-dev libpam0g-dev libkrb5-dev \\<br \/>\nlibfcgi-dev libgcrypt11-dev libxml2-dev libsqlite3-dev \\<br \/>\nlibcap-dev libldns-dev libunbound-dev libsoup2.4-dev \\<br \/>\nlibtspi-dev libjson0-dev libmysqlclient-dev libpcsclite-dev<\/code><\/p>\n<h3>4. \u30d3\u30eb\u30c9\u30fb\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h3>\n<p><a href=\"https:\/\/packages.debian.org\/wheezy-backports\/strongswan\">wheezy-backports\u30d1\u30c3\u30b1\u30fc\u30b8<\/a>\u306erules\u30d5\u30a1\u30a4\u30eb\u3092\u53c2\u8003\u306b\u3057\u3066configure\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u6c7a\u5b9a\u3059\u308b\u3002\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u5148\u304c\/usr\/local\u3067\u306f\u306a\u304f\u306a\u308b\u3051\u3069\u3001\u307e\u3042\u3044\u3044\u3067\u3057\u3087\u3046\u2026<br \/>\n<code>$ wget https:\/\/download.strongswan.org\/strongswan-5.2.2.tar.bz2<br \/>\n$ tar xjf strongswan-5.2.2.tar.bz2<br \/>\n$ cd strongswan-5.2.2<br \/>\n$ .\/configure \\<br \/>\n--disable-static \\<br \/>\n--prefix=\/usr \\<br \/>\n--exec-prefix=\/usr \\<br \/>\n--sysconfdir=\/etc \\<br \/>\n--localstatedir=\/var \\<br \/>\n--libdir=\/usr\/lib \\<br \/>\n--libexecdir=\/usr\/lib \\<br \/>\n--with-tss=trousers \\<br \/>\n--enable-addrblock \\<br \/>\n--enable-agent \\<br \/>\n--enable-attr-sql \\<br \/>\n--enable-ccm \\<br \/>\n--enable-certexpire \\<br \/>\n--enable-cmd \\<br \/>\n--enable-coupling \\<br \/>\n--enable-ctr \\<br \/>\n--enable-curl \\<br \/>\n--enable-dhcp \\<br \/>\n--enable-dnscert \\<br \/>\n--enable-duplicheck \\<br \/>\n--enable-eap-aka \\<br \/>\n--enable-eap-aka-3gpp2 \\<br \/>\n--enable-eap-dynamic \\<br \/>\n--enable-eap-gtc \\<br \/>\n--enable-eap-identity \\<br \/>\n--enable-eap-md5 \\<br \/>\n--enable-eap-mschapv2 \\<br \/>\n--enable-eap-peap \\<br \/>\n--enable-eap-radius \\<br \/>\n--enable-eap-sim \\<br \/>\n--enable-eap-sim-file \\<br \/>\n--enable-eap-sim-pcsc \\<br \/>\n--enable-eap-simaka-pseudonym \\<br \/>\n--enable-eap-simaka-reauth \\<br \/>\n--enable-eap-simaka-sql \\<br \/>\n--enable-eap-tls \\<br \/>\n--enable-eap-tnc \\<br \/>\n--enable-eap-ttls \\<br \/>\n--enable-error-notify \\<br \/>\n--enable-farp \\<br \/>\n--enable-gcm \\<br \/>\n--enable-gcrypt \\<br \/>\n--enable-imc-attestation \\<br \/>\n--enable-imc-os \\<br \/>\n--enable-imc-scanner \\<br \/>\n--enable-imc-swid \\<br \/>\n--enable-imc-test \\<br \/>\n--enable-imv-attestation \\<br \/>\n--enable-imv-os \\<br \/>\n--enable-imv-scanner \\<br \/>\n--enable-imv-swid \\<br \/>\n--enable-imv-test \\<br \/>\n--enable-integrity-test \\<br \/>\n--enable-ipseckey \\<br \/>\n--enable-ldap \\<br \/>\n--enable-led \\<br \/>\n--enable-load-tester \\<br \/>\n--enable-lookip \\<br \/>\n--enable-md4 \\<br \/>\n--enable-mysql \\<br \/>\n--enable-ntru \\<br \/>\n--enable-openssl \\<br \/>\n--enable-pkcs11 \\<br \/>\n--enable-radattr \\<br \/>\n--enable-soup \\<br \/>\n--enable-sql \\<br \/>\n--enable-sqlite \\<br \/>\n--enable-systime-fix \\<br \/>\n--enable-test-vectors \\<br \/>\n--enable-tnccs-11 \\<br \/>\n--enable-tnccs-20 \\<br \/>\n--enable-tnccs-dynamic \\<br \/>\n--enable-tnc-ifmap \\<br \/>\n--enable-tnc-imc \\<br \/>\n--enable-tnc-imv \\<br \/>\n--enable-tnc-pdp \\<br \/>\n--enable-unbound \\<br \/>\n--enable-unity \\<br \/>\n--enable-whitelist \\<br \/>\n--enable-xauth-eap \\<br \/>\n--enable-xauth-generic \\<br \/>\n--enable-xauth-noauth \\<br \/>\n--enable-xauth-pam \\<br \/>\n--disable-blowfish \\<br \/>\n--disable-des \\<br \/>\n--with-capabilities=libcap<br \/>\n$ make<br \/>\n$ sudo make install<\/code><\/p>\n<p>\u3055\u3059\u304c\u306bCPU\u306e\u80fd\u529b\u304c\u4f4e\u3044\u306e\u3067\u3001\u30d3\u30eb\u30c9\u306b\u306f\u6642\u9593\u304c\u304b\u304b\u308b\u3002<\/p>\n<p>\u6700\u521d\u306b\u30b3\u30d4\u30fc\u3057\u3066\u304a\u3044\u305f\u8d77\u52d5\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u623b\u3059\u3002<br \/>\n<code>$ sudo mv \/tmp\/ipsec \/etc\/init.d\/<br \/>\n$ sudo update-rc.d ipsec defaults<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Raspberry Pi model B+ \u3092\u8cfc\u5165\u3057\u3066 VPN \u7bb1\u306b\u3057\u3088\u3046\u3068\u3057\u305f\u304c\u3001Raspbian OS\u6a19\u6e96\u306estrongswan \u30d1\u30c3\u30b1\u30fc\u30b8 (=debian wheezy\u306e\u30d1\u30c3\u30b1\u30fc\u30b8) \u304c\u3042\u307e\u308a\u306b\u53e4\u3044 (4.5.2 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[22,13,23,15],"tags":[],"_links":{"self":[{"href":"https:\/\/fsck.jp\/index.php?rest_route=\/wp\/v2\/posts\/272"}],"collection":[{"href":"https:\/\/fsck.jp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fsck.jp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fsck.jp\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fsck.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=272"}],"version-history":[{"count":0,"href":"https:\/\/fsck.jp\/index.php?rest_route=\/wp\/v2\/posts\/272\/revisions"}],"wp:attachment":[{"href":"https:\/\/fsck.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fsck.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fsck.jp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}