在配置的时候参考了很多网友的文章,只是发现编译的时候都会有各种问题(可能是系统环境和时间原因?),所以还是另开一篇记录下吧。
为什么选择 Cisco AnyConnect VPN ?
它是 iOS 端目前最好的 xx 解决方案:
- 激活后全局有效
- 自动重连,即使锁屏后重开也不会掉线
- 可导入路由配置
开始动手吧~
首先安装所有依赖包:
yum install autoconf automake gcc libtasn1-devel zlib zlib-devel trousers trousers-devel gmp-devel gmp xz texinfo libnl-devel libnl tcp_wrappers-libs tcp_wrappers-devel tcp_wrappers dbus dbus-devel ncurses-devel pam-devel readline-devel bison bison-devel flex gcc automake autoconf wget
|
|
yum
install
autoconf
automake
gcc
libtasn1
-
devel
zlib
zlib
-
devel
trousers
trousers
-
devel
gmp
-
devel
gmp
xz
texinfo
libnl
-
devel
libnl
tcp_wrappers
-
libs
tcp_wrappers
-
devel
tcp_wrappers
dbus
dbus
-
devel
ncurses
-
devel
pam
-
devel
readline
-
devel
bison
bison
-
devel
flex
gcc
automake
autoconf
wget
|
安装 Nettle:
cd /usr/local/src
wget http://ftp.gnu.org/gnu/nettle/nettle-2.7.1.tar.gz
tar zxf nettle-2.7.1.tar.gz && cd nettle-2.7.1
./configure && make && make install
cd ..
|
|
cd
/
usr
/
local
/
src
wget
http
:
//ftp.gnu.org/gnu/nettle/nettle-2.7.1.tar.gz
tar
zxf
nettle
-
2.7.1.tar.gz
&&
cd
nettle
-
2.7.1
.
/
configure
&&
make
&&
make
install
cd
.
.
|
安装 unbound:
yum install expat-devel
wget http://unbound.nlnetlabs.nl/downloads/unbound-1.4.22.tar.gz
tar zxf unbound-1.4.22.tar.gz && cd unbound-1.4.22
./configure --prefix=/usr --sysconfdir=/etc && make && make install
cd ..
|
|
yum
install
expat
-
devel
wget
http
:
//unbound.nlnetlabs.nl/downloads/unbound-1.4.22.tar.gz
tar
zxf
unbound
-
1.4.22.tar.gz
&&
cd
unbound
-
1.4.22
.
/
configure
--
prefix
=
/
usr
--
sysconfdir
=
/
etc
&&
make
&&
make
install
cd
.
.
|
安装后执行程序将会出现动态库文件找不到的问题:unbound-anchor: error while loading shared libraries: libunbound.so.2: cannot open shared object file: No such file or directory
这是因为系统默认没有找/usr/local/lib目录下的库文件,为了一劳永逸,我们把将路径加入到配置文件中:
echo '/usr/local/lib' > /etc/ld.so.conf.d/local-libraries.conf && ldconfig
生成配置文件:unbound-anchor -a "/etc/unbound/root.key",这是为了消除之后编译gnutls时遇到的警告信息:
configure: WARNING:
***
*** The DNSSEC root key file in /etc/unbound/root.key was not found.
*** This file is needed for the verification of DNSSEC responses.
*** Use the command: unbound-anchor -a "/etc/unbound/root.key"
*** to generate or update it.
***
|
|
configure
: WARNING
:
*
*
*
*
*
*
The
DNSSEC
root
key
file
in
/
etc
/
unbound
/
root
.
key
was
not
found
.
*
*
*
This
file
is
needed
for
the
verification
of
DNSSEC
responses
.
*
*
*
Use
the
command
: unbound
-
anchor
-
a
"/etc/unbound/root.key"
*
*
*
to
generate
or
update
it
.
*
*
*
|
安装 gnutls:
wget ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.15.tar.xz
tar xvf gnutls-3.2.15.tar.xz
cd gnutls-3.2.15
./configure
|
|
wget
ftp
:
//ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.15.tar.xz
tar
xvf
gnutls
-
3.2.15.tar.xz
cd
gnutls
-
3.2.15
.
/
configure
|
这时会遇到Libnettle 2.7 was not found.错误,其实还是路径问题,pkg-config寻找包的依赖关系时没有找到对应的.pc文件,告诉它地址就好了:export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH。继续编译~
./configure && make && make install
cd ..
|
|
.
/
configure
&&
make
&&
make
install
cd
.
.
|
安装 LibNL:
wget http://www.carisma.slowglass.com/~tgr/libnl/files/libnl-3.2.24.tar.gz
tar xvf libnl-3.2.24.tar.gz
cd libnl-3.2.24
./configure && make && make install
cd ..
|
|
wget
http
:
//www.carisma.slowglass.com/~tgr/libnl/files/libnl-3.2.24.tar.gz
tar
xvf
libnl
-
3.2.24.tar.gz
cd
libnl
-
3.2.24
.
/
configure
&&
make
&&
make
install
cd
.
.
|
终于该主角上场了,安装 Ocserv:
wget ftp://ftp.infradead.org/pub/ocserv/ocserv-0.8.1.tar.xz
tar xvf ocserv-0.8.1.tar.xz && cd ocserv-0.8.1
./configure --prefix=/usr --sysconfdir=/etc && make && make install
|
|
wget
ftp
:
//ftp.infradead.org/pub/ocserv/ocserv-0.8.1.tar.xz
tar
xvf
ocserv
-
0.8.1.tar.xz
&&
cd
ocserv
-
0.8.1
.
/
configure
--
prefix
=
/
usr
--
sysconfdir
=
/
etc
&&
make
&&
make
install
|
一切都非常顺利,yeah!
接下来开始配置,呃……一些……Something。
之后的配置按照AnyConnect 带来 iPhone 上的新生活这篇文章进行配置,感谢Kevin。
体验报告
可能是宽带运营商的问题,反正我这里的速度非常不理想。。比shadowsocks差老远了。。竟然只有几k的速度,完全不能理解……尝试调过最大连接数也无效,暂时还是弃用了 QAQ
希望你的好用,good luck~
参考
