我有點懶得排版 就先記錄 之後再考慮整理 1.安裝相關套件 opkg update opkg install curl strongswan-defaultstrongswan-pki ipset strongswan-mod-openssl strongswan-mod-curlstrongswan-mod-dhcp strongswan-mod-eap-tls strongswan-mod-eap-identitystrongswan-mod-kernel-libipsec kmod-tun openssl-utilstrongswan-mod-test-vectors strongswan-mod-farp 2.修改/etc/config/network新增訂一ipsec介面 config interface 'ipsec'option ifname 'ipsec0'option proto 'none'option defaultroute '0'option peerdns '0'option ipv6 '0' 3.修改/etc/firewall.user新增規則 iptables -I INPUT -m policy --dir in --pol ipsec --proto esp -j ACCEPTiptables -I FORWARD -m policy --dir in --pol ipsec --proto esp -j ACCEPTiptables -I FORWARD -m policy --dir out --pol ipsec --proto esp -j ACCEPTiptables -I OUTPUT -m policy --dir out --pol ipsec --proto esp -j ACCEPT 4.修改/etc/config/firewall新增zone、forwarding、rules Zone區 config zone option name 'vpn' list network 'ipsec...