Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-21 05:06:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update docs

Browse Source
This commit is contained in:
hwdsl2 2018-12-19 00:14:52 -06:00
parent 03e587d834
commit 2e164ad976
6 changed files with 16 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README-zh.md
View File

@ -103,7 +103,7 @@ nano -w vpnsetup.sh
sudo sh vpnsetup.sh
```
**注:** 不要在值中使用这些字符: `\ " '`一个安全的 IPsec PSK 应该至少包含 20 个随机字符。
**注:** 一个安全的 IPsec PSK 应该至少包含 20 个随机字符。
**选项 3:** 将你自己的 VPN 登录凭证定义为环境变量:

2
README.md
View File

@ -103,7 +103,7 @@ nano -w vpnsetup.sh
sudo sh vpnsetup.sh
```
**Note:** DO NOT use these special characters within values: `\ " '`. A secure IPsec PSK should consist of at least 20 random characters.
**Note:** A secure IPsec PSK should consist of at least 20 random characters.
**Option 3:** Define your VPN credentials as environment variables:

2
docs/clients-xauth-zh.md
View File

@ -2,7 +2,7 @@
*其他语言版本: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md).*
**注:** 你也可以使用 [IPsec/L2TP 模式](clients-zh.md) 连接,或者配置 [IKEv2](ikev2-howto-zh.md)。
**注:** 你也可以使用 **[IPsec/L2TP 模式](clients-zh.md)** 连接,或者配置 **[IKEv2](ikev2-howto-zh.md)**
在成功<a href="https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/README-zh.md" target="_blank">搭建自己的 VPN 服务器</a>之后按照下面的步骤来配置你的设备。IPsec/XAuth ("Cisco IPsec") 在 Android, iOS 和 OS X 上均受支持无需安装额外的软件。Windows 用户可以使用免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft 客户端</a>。如果无法连接,请首先检查是否输入了正确的 VPN 登录凭证。

2
docs/clients-xauth.md
View File

@ -2,7 +2,7 @@
*Read this in other languages: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md).*
**Note:** You may also connect using [IPsec/L2TP mode](clients.md), or set up [IKEv2](ikev2-howto.md).
**Note:** You may also connect using **[IPsec/L2TP mode](clients.md)**, or set up **[IKEv2](ikev2-howto.md)**.
After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">setting up your own VPN server</a>, follow these steps to configure your devices. IPsec/XAuth ("Cisco IPsec") is natively supported by Android, iOS and OS X. There is no additional software to install. Windows users can use the free <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft client</a>. In case you are unable to connect, first check to make sure the VPN credentials were entered correctly.

34
docs/clients-zh.md
View File

@ -2,7 +2,7 @@
*其他语言版本: [English](clients.md), [简体中文](clients-zh.md).*
**注:** 你也可以使用更高效的 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接,或者配置 [IKEv2](ikev2-howto-zh.md)。
**注:** 你也可以使用更高效的 **[IPsec/XAuth 模式](clients-xauth-zh.md)** 连接,或者配置 **[IKEv2](ikev2-howto-zh.md)**
在成功<a href="https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/README-zh.md" target="_blank">搭建自己的 VPN 服务器</a>之后按照下面的步骤来配置你的设备。IPsec/L2TP 在 Android, iOS, OS X 和 Windows 上均受支持,无需安装额外的软件。设置过程通常只需要几分钟。如果无法连接,请首先检查是否输入了正确的 VPN 登录凭证。
@ -13,24 +13,11 @@
* [Android](#android)
* [iOS (iPhone/iPad)](#ios)
* [Chromebook](#chromebook)
* [Windows Phone](#windows-phone)
* [Linux](#linux)
* [故障排除](#故障排除)
* [Windows 错误 809](#windows-错误-809)
* [Windows 错误 628](#windows-错误-628)
* [Windows 10 升级](#windows-10-升级)
* [Windows 8/10 DNS 泄漏](#windows-810-dns-泄漏)
* [macOS VPN 流量](#macos-vpn-流量)
* [iOS/Android 睡眠模式](#iosandroid-睡眠模式)
* [Android 6 及以上版本](#android-6-及以上版本)
* [Chromebook 连接问题](#chromebook-连接问题)
* [其它错误](#其它错误)
* [额外的步骤](#额外的步骤)
## Windows
**注:** 你也可以配置并且使用更新的 [IKEv2 模式](ikev2-howto-zh.md) 连接。
### Windows 10 and 8.x
1. 右键单击系统托盘中的无线/网络图标。
@ -43,7 +30,7 @@
1. 返回 **网络和共享中心**。单击左侧的 **更改适配器设置**
1. 右键单击新创建的 VPN 连接,并选择 **属性**
1. 单击 **安全** 选项卡,从 **VPN 类型** 下拉菜单中选择 "使用 IPsec 的第 2 层隧道协议 (L2TP/IPSec)"。
1. 单击 **允许使用这些协议**确保选中 "质询握手身份验证协议 (CHAP)" 复选框。
1. 单击 **允许使用这些协议**。选中 "质询握手身份验证协议 (CHAP)" 和 "Microsoft CHAP 版本 2 (MS-CHAP v2)" 复选框。
1. 单击 **高级设置** 按钮。
1. 单击 **使用预共享密钥作身份验证** 并在 **密钥** 字段中输入`你的 VPN IPsec PSK`。
1. 单击 **确定** 关闭 **高级设置**
@ -57,7 +44,8 @@
# 不保存命令行历史记录
Set-PSReadlineOption HistorySaveStyle SaveNothing
# 创建 VPN 连接
Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP' -TunnelType L2tp -EncryptionLevel Required -AuthenticationMethod Chap,MSChapv2 -L2tpPsk '你的 VPN IPsec PSK' -Force -RememberCredential -PassThru
Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP' -L2tpPsk '你的 VPN IPsec PSK' -TunnelType L2tp -EncryptionLevel Required -AuthenticationMethod Chap,MSChapv2 -Force -RememberCredential -PassThru
# 忽略 data encryption 警告(数据在 IPsec 隧道中已被加密)
```
### Windows 7, Vista and XP
@ -80,7 +68,7 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
1. 右键单击新创建的 VPN 连接,并选择 **属性**
1. 单击 **选项** 选项卡,取消选中 **包括Windows登录域** 复选框。
1. 单击 **安全** 选项卡,从 **VPN 类型** 下拉菜单中选择 "使用 IPsec 的第 2 层隧道协议 (L2TP/IPSec)"。
1. 单击 **允许使用这些协议**确保选中 "质询握手身份验证协议 (CHAP)" 复选框。
1. 单击 **允许使用这些协议**。选中 "质询握手身份验证协议 (CHAP)" 和 "Microsoft CHAP 版本 2 (MS-CHAP v2)" 复选框。
1. 单击 **高级设置** 按钮。
1. 单击 **使用预共享密钥作身份验证** 并在 **密钥** 字段中输入`你的 VPN IPsec PSK`。
1. 单击 **确定** 关闭 **高级设置**
@ -94,8 +82,6 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
## OS X
**注:** 你也可以使用更高效的 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接,或者配置 [IKEv2](ikev2-howto-zh.md)。
1. 打开系统偏好设置并转到网络部分。
1. 在窗口左下角单击 **+** 按钮。
1. 从 **接口** 下拉菜单选择 **VPN**
@ -119,8 +105,6 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
## Android
**注:** 你也可以使用更高效的 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接,或者配置 [IKEv2](ikev2-howto-zh.md)。
1. 启动 **设置** 应用程序。
1. 在 **无线和网络** 部分单击 **更多...**
1. 单击 **VPN**
@ -142,8 +126,6 @@ VPN 连接成功后,会在通知栏显示图标。最后你可以到 <a href="
## iOS
**注:** 你也可以使用更高效的 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接,或者配置 [IKEv2](ikev2-howto-zh.md)。
1. 进入设置 -> 通用 -> VPN。
1. 单击 **添加VPN配置...**
1. 单击 **类型** 。选择 **L2TP** 并返回。
@ -179,10 +161,6 @@ VPN 连接成功后,网络状态图标上会出现 VPN 指示。最后你可
如果在连接过程中遇到错误,请参见 <a href="#故障排除">故障排除</a>
## Windows Phone
Windows Phone 8.1 及以上版本用户可以尝试按照 <a href="http://forums.windowscentral.com/windows-phone-8-1-preview-developers/301521-tutorials-windows-phone-8-1-support-l2tp-ipsec-vpn-now.html" target="_blank">这个教程</a> 的步骤操作。
## Linux
### Ubuntu Linux
@ -211,7 +189,7 @@ VPN 连接成功后,你可以到 <a href="https://www.ipchicken.com" target="_
### 其它 Linux
首先看 <a href="https://github.com/nm-l2tp/network-manager-l2tp/wiki/Prebuilt-Packages" target="_blank">这里</a> 以确认 `network-manager-l2tp` 软件包是否在你的 Linux 版本上可用。如果可用,安装它(选择使用 strongSwan并参见上面的说明。另外你也可以 [使用命令行配置 Linux VPN 客户端](#使用命令行配置-linux-vpn-客户端)。
首先看 <a href="https://github.com/nm-l2tp/network-manager-l2tp/wiki/Prebuilt-Packages" target="_blank">这里</a> 以确认 `network-manager-l2tp` `network-manager-l2tp-gnome` 软件包是否在你的 Linux 版本上可用。如果可用,安装它(选择使用 strongSwan并参见上面的说明。另外你也可以 [使用命令行配置 Linux VPN 客户端](#使用命令行配置-linux-vpn-客户端)。
## 故障排除

34
docs/clients.md
View File

@ -2,7 +2,7 @@
*Read this in other languages: [English](clients.md), [简体中文](clients-zh.md).*
**Note:** You may also connect using the faster [IPsec/XAuth mode](clients-xauth.md), or set up [IKEv2](ikev2-howto.md).
**Note:** You may also connect using the faster **[IPsec/XAuth mode](clients-xauth.md)**, or set up **[IKEv2](ikev2-howto.md)**.
After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">setting up your own VPN server</a>, follow these steps to configure your devices. IPsec/L2TP is natively supported by Android, iOS, OS X, and Windows. There is no additional software to install. Setup should only take a few minutes. In case you are unable to connect, first check to make sure the VPN credentials were entered correctly.
@ -13,24 +13,11 @@ After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">settin
* [Android](#android)
* [iOS (iPhone/iPad)](#ios)
* [Chromebook](#chromebook)
* [Windows Phone](#windows-phone)
* [Linux](#linux)
* [Troubleshooting](#troubleshooting)
* [Windows Error 809](#windows-error-809)
* [Windows Error 628](#windows-error-628)
* [Windows 10 upgrades](#windows-10-upgrades)
* [Windows 8/10 DNS leaks](#windows-810-dns-leaks)
* [macOS VPN traffic](#macos-vpn-traffic)
* [iOS/Android sleep mode](#iosandroid-sleep-mode)
* [Android 6 and above](#android-6-and-above)
* [Chromebook issues](#chromebook-issues)
* [Other errors](#other-errors)
* [Additional steps](#additional-steps)
## Windows
**Note:** You may also set up and connect using the newer [IKEv2 mode](ikev2-howto.md).
### Windows 10 and 8.x
1. Right-click on the wireless/network icon in your system tray.
@ -43,7 +30,7 @@ After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">settin
1. Return to **Network and Sharing Center**. On the left, click **Change adapter settings**.
1. Right-click on the new VPN entry and choose **Properties**.
1. Click the **Security** tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the **Type of VPN**.
1. Click **Allow these protocols**. Make sure the "Challenge Handshake Authentication Protocol (CHAP)" checkbox is checked.
1. Click **Allow these protocols**. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
1. Click the **Advanced settings** button.
1. Select **Use preshared key for authentication** and enter `Your VPN IPsec PSK` for the **Key**.
1. Click **OK** to close the **Advanced settings**.
@ -57,7 +44,8 @@ Alternatively, instead of following the steps above, you may create the VPN conn
# Disable persistent command history
Set-PSReadlineOption HistorySaveStyle SaveNothing
# Create VPN connection
Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress 'Your VPN Server IP' -TunnelType L2tp -EncryptionLevel Required -AuthenticationMethod Chap,MSChapv2 -L2tpPsk 'Your VPN IPsec PSK' -Force -RememberCredential -PassThru
Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress 'Your VPN Server IP' -L2tpPsk 'Your VPN IPsec PSK' -TunnelType L2tp -EncryptionLevel Required -AuthenticationMethod Chap,MSChapv2 -Force -RememberCredential -PassThru
# Ignore the data encryption warning (data is encrypted in the IPsec tunnel)
```
### Windows 7, Vista and XP
@ -80,7 +68,7 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress 'Your VPN Server IP' -Tunn
1. Right-click on the new VPN entry and choose **Properties**.
1. Click the **Options** tab and uncheck **Include Windows logon domain**.
1. Click the **Security** tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the **Type of VPN**.
1. Click **Allow these protocols**. Make sure the "Challenge Handshake Authentication Protocol (CHAP)" checkbox is checked.
1. Click **Allow these protocols**. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
1. Click the **Advanced settings** button.
1. Select **Use preshared key for authentication** and enter `Your VPN IPsec PSK` for the **Key**.
1. Click **OK** to close the **Advanced settings**.
@ -94,8 +82,6 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
## OS X
**Note:** You may also connect using the faster [IPsec/XAuth mode](clients-xauth.md), or set up [IKEv2](ikev2-howto.md).
1. Open System Preferences and go to the Network section.
1. Click the **+** button in the lower-left corner of the window.
1. Select **VPN** from the **Interface** drop-down menu.
@ -119,8 +105,6 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
## Android
**Note:** You may also connect using the faster [IPsec/XAuth mode](clients-xauth.md), or set up [IKEv2](ikev2-howto.md).
1. Launch the **Settings** application.
1. Tap **More...** in the **Wireless & Networks** section.
1. Tap **VPN**.
@ -142,8 +126,6 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
## iOS
**Note:** You may also connect using the faster [IPsec/XAuth mode](clients-xauth.md), or set up [IKEv2](ikev2-howto.md).
1. Go to Settings -> General -> VPN.
1. Tap **Add VPN Configuration...**.
1. Tap **Type**. Select **L2TP** and go back.
@ -179,10 +161,6 @@ Once connected, you will see a VPN icon overlay on the network status icon. You
If you get an error when trying to connect, see <a href="#troubleshooting">Troubleshooting</a>.
## Windows Phone
Users with Windows Phone 8.1 and above, try <a href="http://forums.windowscentral.com/windows-phone-8-1-preview-developers/301521-tutorials-windows-phone-8-1-support-l2tp-ipsec-vpn-now.html" target="_blank">this tutorial</a>.
## Linux
### Ubuntu Linux
@ -211,7 +189,7 @@ Once connected, you can verify that your traffic is being routed properly by <a
### Other Linux
First check <a href="https://github.com/nm-l2tp/network-manager-l2tp/wiki/Prebuilt-Packages" target="_blank">here</a> to see if the `network-manager-l2tp` package is available for your Linux distribution. If yes, install it (select strongSwan) and follow the instructions above. Alternatively, you may [configure Linux VPN clients using the command line](#configure-linux-vpn-clients-using-the-command-line).
First check <a href="https://github.com/nm-l2tp/network-manager-l2tp/wiki/Prebuilt-Packages" target="_blank">here</a> to see if the `network-manager-l2tp` and `network-manager-l2tp-gnome` packages are available for your Linux distribution. If yes, install them (select strongSwan) and follow the instructions above. Alternatively, you may [configure Linux VPN clients using the command line](#configure-linux-vpn-clients-using-the-command-line).
## Troubleshooting