@antonmry
Last active August 29, 2015 14:12
Shrew
Here is what you need to install under Oracle Linux or Red Hat Enterprise Linux to install the VirtualBox Guest Additions:
<pre>yum -y install gcc kernel-uek-devel-$(uname -r)</pre>
And then the usual: reboot
# Guest
route add default gw 10.174.65.2
# Host
#iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
# Flush IPTABLES
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
Next up: enable forwarding in the kernel:
echo 1 > /proc/sys/net/ipv4/ip_forward
To make it set this value automatically on boot, uncomment this line in /etc/sysctl.conf:
#net.ipv4.ip_forward=1
# Always accept loopback traffic
iptables -A INPUT -i lo -j ACCEPT
# We allow traffic from the LAN side (vboxnet0; eth0 is the WAN side, see ROUTING below)
iptables -A INPUT -i vboxnet0 -j ACCEPT
######################################################################
#
# ROUTING
#
######################################################################
# vboxnet0 is LAN
# eth0 is WAN
# Allow established connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Masquerade.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Forwarding
iptables -A FORWARD -i eth0 -o vboxnet0 -m state --state RELATED,ESTABLISHED -j ACCEPT
# Allow outgoing connections from the LAN side.
iptables -A FORWARD -i vboxnet0 -o eth0 -j ACCEPT
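A check for the ruleset above, added here as an example (not part of the original notes): it audits an iptables-save dump for the NAT rules these notes set up and flags an unconditional accept on the WAN interface or an ACCEPT chain policy. The names audit_ruleset and SAMPLE_DUMP and the dump itself are constructed; vboxnet0 and eth0 are the LAN and WAN interfaces named in the notes.

```sh
# Added example: audit an iptables-save dump against the router layout above.
# audit_ruleset and SAMPLE_DUMP are hypothetical names; the dump is constructed.

SAMPLE_DUMP='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o vboxnet0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i vboxnet0 -o eth0 -j ACCEPT
COMMIT'

# usage: audit_ruleset LAN WAN < dump ; prints one "FINDING: ..." line per problem
audit_ruleset() {
  _lan=$1; _wan=$2; _dump=$(cat)
  _has() { printf '%s\n' "$_dump" | grep -Eq -- "$1"; }

  _has "^-A POSTROUTING -o $_wan -j MASQUERADE$" ||
    echo "FINDING: no MASQUERADE rule for $_wan"
  _has "^-A FORWARD -i $_lan -o $_wan -j ACCEPT$" ||
    echo "FINDING: LAN to WAN forwarding rule missing"
  _has "^-A FORWARD -i $_wan -o $_lan .*--state (RELATED,ESTABLISHED|ESTABLISHED,RELATED) -j ACCEPT$" ||
    echo "FINDING: no stateful return rule for WAN to LAN"
  # An unconditional ACCEPT on the WAN interface exposes every local service.
  if _has "^-A INPUT -i $_wan -j ACCEPT$"; then
    echo "FINDING: INPUT accepts everything arriving on $_wan"
  fi
  # With an ACCEPT policy, the ACCEPT rules in that chain filter nothing.
  for _chain in INPUT FORWARD; do
    if _has "^:$_chain ACCEPT"; then
      echo "FINDING: $_chain policy is ACCEPT, so its rules restrict nothing"
    fi
  done
  return 0
}

# Run against the constructed dump; on a live host pipe in `iptables-save` instead.
printf '%s\n' "$SAMPLE_DUMP" | audit_ruleset vboxnet0 eth0
```
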
yum install qt3 qt3-devel cmake
yum install qt4 qt4-devel
yum install libedit-devel # this one!
yum install openssl-devel
yum install cmake libedit-devel flex openldap-devel qt-devel
cd /usr/local/src
# Use 2.2.0, 2.2.1 doesn't work
wget http://www.shrew.net/download/ike/ike-2.2.0-beta-2.tgz
tar -zxvf ike-2.2.0-beta-2.tgz
# The tarball unpacks into ./ike
cd ike
cmake -DCMAKE_INSTALL_PREFIX=/usr -DQTGUI=YES -DETCDIR=/etc -DNATT=YES -DLIBDIR=/usr/lib64 .
make
make install
cp /etc/usr/local/etc/iked.conf.sample /etc/usr/local/etc/iked.conf
iked
http://www.gta.com/downloads/external/60/General/ShrewSoftVPN_LinuxInstall.pdf
4. Use a text editor to edit (as root) /etc/sysctl.d/10-network-security.conf
5. Change the following entries from 1 to 0 (if these values are not defined you will need to add
them in order to override the default setting of 1).
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
6. Reboot the PC.
https://lists.shrew.net/pipermail/vpn-help/2012-March/013791.html
Try with OpenSWAN??
https://www.centos.org/forums/viewtopic.php?f=17&t=45683