diff --git a/README-zh.md b/README-zh.md index 307db3f..e8b58f7 100644 --- a/README-zh.md +++ b/README-zh.md @@ -68,7 +68,7 @@ wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh 一个专用服务器或者虚拟专用服务器 (VPS),全新安装以上操作系统之一。另外也可使用 Debian 7 (Wheezy),但是必须首先运行另一个脚本。 OpenVZ VPS 不受支持,用户可以尝试使用 Shadowsocks 或者 OpenVPN。 -这也包括各种公共云服务中的 Linux 虚拟机,比如 DigitalOcean, Vultr, Linode, Google Compute Engine, Amazon Lightsail, Microsoft Azure, IBM SoftLayerRackspace。 +这也包括各种公共云服务中的 Linux 虚拟机,比如 DigitalOcean, Vultr, Linode, Google Compute Engine, Amazon Lightsail, Microsoft Azure, IBM SoftLayer, OVHRackspaceDeploy to Azure Install on DigitalOcean Deploy to Linode @@ -141,7 +141,7 @@ VPN_PASSWORD='你的VPN密码' sh vpnsetup.sh 同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性,如果需要同时连接在同一个 NAT (比如家用路由器)后面的多个设备到 VPN 服务器,你必须仅使用 IPsec/XAuth 模式。另外,你的服务器必须运行 [Libreswan 3.19](#升级libreswan) 或以上版本。 -对于有外部防火墙的服务器(比如 EC2/GCE),请为 VPN 打开 UDP 端口 500 和 4500。 +对于有外部防火墙的服务器(比如 EC2/GCE),请为 VPN 打开 UDP 端口 500 和 4500。 如果需要添加,修改或者删除 VPN 用户账户,请参见 管理 VPN 用户。 diff --git a/README.md b/README.md index 83dadcc..a212fd7 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ Please see this workaround. OpenVZ VPS is NOT supported, users could instead try OpenVPN. -This also includes Linux VMs in public clouds, such as DigitalOcean, Vultr, Linode, Google Compute Engine, Amazon Lightsail, Microsoft Azure, IBM SoftLayer and Rackspace. +This also includes Linux VMs in public clouds, such as DigitalOcean, Vultr, Linode, Google Compute Engine, Amazon Lightsail, Microsoft Azure, IBM SoftLayer, OVH and Rackspace. Deploy to Azure Install on DigitalOcean Deploy to Linode 
@@ -139,9 +139,9 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles: For **Windows users**, this one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). -The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only IPsec/XAuth mode. Also, your server must be running [Libreswan 3.19](#upgrade-libreswan) or above. +The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only IPsec/XAuth mode. Also, your server must run [Libreswan 3.19](#upgrade-libreswan) or a newer version. -For servers with an external firewall (e.g. EC2/GCE), open UDP ports 500 and 4500 for the VPN. +For servers with an external firewall (e.g. EC2/GCE), open UDP ports 500 and 4500 for the VPN. If you wish to add, edit or remove VPN user accounts, see Manage VPN Users. diff --git a/docs/clients-zh.md b/docs/clients-zh.md index 4363d8e..be2d84f 100644 --- a/docs/clients-zh.md +++ b/docs/clients-zh.md @@ -154,13 +154,15 @@ VPN 连接成功后,会在通知栏显示图标。最后你可以到 这里 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。 +如果在连接过程中遇到错误,请参见 故障排除。 + ## Windows Phone Windows Phone 8.1 及以上版本用户可以尝试按照 这个教程 的步骤操作。最后你可以到 这里 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。 ## Linux -注: 以下步骤是在 [Peter Sanford 的工作](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c) 基础上修改。这些命令必须在你的 VPN 客户端上使用 `root` 账户运行。 +以下步骤是基于 [Peter Sanford 的工作](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c)。这些命令必须在你的 VPN 客户端上使用 `root` 账户运行。 要配置 VPN 客户端,首先安装以下软件包: @@ -269,6 +271,8 @@ chmod 600 /etc/ppp/options.l2tpd.client 至此 VPN 客户端配置已完成。按照下面的步骤进行连接。 +**注:** 当你每次尝试连接到 VPN 时,必须重复下面的所有步骤。 + 创建 xl2tpd 控制文件: ```bash diff --git a/docs/clients.md b/docs/clients.md index 8960191..657ed2e 100644 
--- a/docs/clients.md +++ b/docs/clients.md @@ -154,13 +154,15 @@ Once connected, you will see a VPN icon in the status bar. You can verify that y Once connected, you will see a VPN icon overlay on the network status icon. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is `Your VPN Server IP`". +If you get an error when trying to connect, see Troubleshooting. + ## Windows Phone Users with Windows Phone 8.1 and above, try this tutorial. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is `Your VPN Server IP`". ## Linux -Note: Instructions below are adapted from [the work of Peter Sanford](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c). Commands must be run as `root` on your VPN client. +Instructions below are based on [the work of Peter Sanford](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c). Commands must be run as `root` on your VPN client. To set up the VPN client, first install the following packages: @@ -269,6 +271,8 @@ chmod 600 /etc/ppp/options.l2tpd.client The VPN client setup is now complete. Follow the steps below to connect. +**Note:** You must repeat all steps below every time you try to connect to the VPN. + Create xl2tpd control file: ```bash diff --git a/docs/manage-users-zh.md b/docs/manage-users-zh.md index 6a19db0..1cb139f 100644 --- a/docs/manage-users-zh.md +++ b/docs/manage-users-zh.md 
@@ -4,17 +4,17 @@ 在默认情况下,将只创建一个用于 VPN 登录的用户账户。如果你需要添加,修改或者删除用户,请阅读本文档。 -首先,IPsec PSK (预共享密钥) 保存在文件 `/etc/ipsec.secrets`。如果要更换一个新的 PSK,可以编辑此文件。 +首先,IPsec PSK (预共享密钥) 保存在文件 `/etc/ipsec.secrets` 中。如果要更换一个新的 PSK,可以编辑此文件。所有的 VPN 用户将共享同一个 IPsec PSK。 ```bash -%any %any : PSK "" +%any %any : PSK "your_ipsec_pre_shared_key" ``` 对于 `IPsec/L2TP`,VPN 用户账户信息保存在文件 `/etc/ppp/chap-secrets`。该文件的格式如下: ```bash -"" l2tpd "" * -"" l2tpd "" * +"your_vpn_username_1" l2tpd "your_vpn_password_1" * +"your_vpn_username_2" l2tpd "your_vpn_password_2" * ... ... ``` @@ -23,19 +23,19 @@ 对于 `IPsec/XAuth ("Cisco IPsec")`, VPN 用户账户信息保存在文件 `/etc/ipsec.d/passwd`。该文件的格式如下: ```bash -::xauth-psk -::xauth-psk +your_vpn_username_1:your_vpn_password_1_hashed:xauth-psk +your_vpn_username_2:your_vpn_password_2_hashed:xauth-psk ... ... ``` 这个文件中的密码以 salted and hashed 的形式保存。该步骤可以借助比如 `openssl` 工具来完成: ```bash -# 以下命令的输出为 -openssl passwd -1 "" +# 以下命令的输出为 your_vpn_password_1_hashed +openssl passwd -1 'your_vpn_password_1' ``` -在完成后,需要重启服务: +在完成后重启服务: ```bash service ipsec restart diff --git a/docs/manage-users.md b/docs/manage-users.md index 787a789..cfd7bf4 100644 --- a/docs/manage-users.md +++ b/docs/manage-users.md @@ -4,17 +4,17 @@ By default, a single user account for VPN login is created. If you wish to add, edit or remove users, read this document. -First, the IPsec PSK (pre-shared key) is stored in `/etc/ipsec.secrets`. To change to a new PSK, just edit this file. +First, the IPsec PSK (pre-shared key) is stored in `/etc/ipsec.secrets`. To change to a new PSK, just edit this file. All VPN users will share the same IPsec PSK. ```bash -%any %any : PSK "" +%any %any : PSK "your_ipsec_pre_shared_key" ``` For `IPsec/L2TP`, VPN users are specified in `/etc/ppp/chap-secrets`. The format of this file is: ```bash -"" l2tpd "" * -"" l2tpd "" * +"your_vpn_username_1" l2tpd "your_vpn_password_1" * +"your_vpn_username_2" l2tpd "your_vpn_password_2" * ... ... ``` 
@@ -23,16 +23,16 @@ You can add more users, use one line for each user. DO NOT use these characters For `IPsec/XAuth ("Cisco IPsec")`, VPN users are specified in `/etc/ipsec.d/passwd`. The format of this file is: ```bash -::xauth-psk -::xauth-psk +your_vpn_username_1:your_vpn_password_1_hashed:xauth-psk +your_vpn_username_2:your_vpn_password_2_hashed:xauth-psk ... ... ``` Passwords in this file are salted and hashed. This step can be done using e.g. the `openssl` utility: ```bash -# The output will be -openssl passwd -1 "" +# The output will be your_vpn_password_1_hashed +openssl passwd -1 'your_vpn_password_1' ``` When finished, restart services:
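Review bot: In the docs/clients.md hunk at `@@ -269,6 +271,8 @@` (and its clients-zh.md counterpart), the added note "You must repeat all steps below every time you try to connect to the VPN." does not say where "all steps below" ends, so a reader cannot tell which of the following commands belong to the per-connection sequence. Suggest naming the first and last step it covers, starting from "Create xl2tpd control file", or wording it as "the connection steps in this section". The note could also be merged with the preceding "Follow the steps below to connect." sentence so the instruction is given once.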
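Review bot: In the docs/manage-users.md hunk at `@@ -4,17 +4,17 @@`, the added sentence "All VPN users will share the same IPsec PSK." states the sharing but not what it means for the edit the same paragraph invites: after the PSK in `/etc/ipsec.secrets` is changed, every client device needs the new key before it can reconnect. Suggest adding that sentence. The new placeholders also make it explicit that `/etc/ppp/chap-secrets` holds `"your_vpn_password_1"` unhashed, unlike the `_hashed` field in `/etc/ipsec.d/passwd`, so a line stating that these files should be readable by root only would fit here. The same applies to the manage-users-zh.md hunk.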
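Review bot: In the docs/manage-users.md hunk at `@@ -23,16 +23,16 @@` (and its manage-users-zh.md counterpart), `openssl passwd -1 'your_vpn_password_1'` still passes the password as a command-line argument, so it lands in shell history and is visible in the process list while the command runs. The switch from double to single quotes is right, since it stops the shell from expanding `$` or backticks inside the password, but the doc could instead show `openssl passwd -1` with no argument, which prompts for the password. It would also help to say in one sentence that `-1` selects the MD5-based crypt scheme, so readers know what "salted and hashed" refers to in this file.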