Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-19 20:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update docs

Browse Source
This commit is contained in:
hwdsl2 2021-07-28 23:33:29 -05:00
parent 88ab115874
commit c6cfd1fe49
4 changed files with 34 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
README-zh.md
View File

@ -87,30 +87,27 @@ wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh && sudo ikev2.sh -
## 系统要求
一个新创建的 [Amazon EC2](https://aws.amazon.com/ec2/) 实例,使用这些映像之一。你可以使用 [CloudFormation](aws/README-zh.md) 或者 [用户数据](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup) 快速部署,或者 [手动部署](#安装说明)。参见 [EC2 定价细节](https://aws.amazon.com/cn/ec2/pricing/)。
- [Ubuntu 20.04 (Focal) 或者 18.04 (Bionic)](https://cloud-images.ubuntu.com/locator/)
- [Debian 10 (Buster)](https://wiki.debian.org/Cloud/AmazonEC2Image)[\*](#debian-10-note)[ 或者 9 (Stretch)](https://wiki.debian.org/Cloud/AmazonEC2Image)
- [CentOS 8](https://wiki.centos.org/Cloud/AWS)[\*\*](#centos-8-note)[ 或者 7](https://wiki.centos.org/Cloud/AWS)
- [Rocky Linux 8](https://aws.amazon.com/marketplace/seller-profile?id=01538adc-2664-49d5-b926-3381dffce12d)
- [Red Hat Enterprise Linux (RHEL) 8 或者 7](https://aws.amazon.com/partners/redhat/faqs/)
- [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/)
一个专用服务器或者虚拟专用服务器 (VPS),全新安装以下操作系统之一:
**-或者-**
- Ubuntu 20.04 (Focal) 或者 18.04 (Bionic)
- Debian 10 (Buster)[\*](#debian-10-note) 或者 9 (Stretch)
- CentOS 8[\*\*](#centos-8-note) 或者 7
- Rocky Linux 8
- Red Hat Enterprise Linux (RHEL) 8 或者 7
- Amazon Linux 2
一个专用服务器或者虚拟专用服务器 (VPS)全新安装以上操作系统之一。OpenVZ VPS 不受支持,用户可以另外尝试 [OpenVPN](https://github.com/Nyr/openvpn-install)。
这也包括各种公共云服务中的 Linux 虚拟机,比如 [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) 和 [IBM Cloud](https://www.ibm.com/cloud/virtual-servers)。
这也包括各种公共云服务中的 Linux 虚拟机,比如 [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) 和 [IBM Cloud](https://www.ibm.com/cloud/virtual-servers)。[Amazon EC2](https://aws.amazon.com/ec2/) 用户可以使用 [CloudFormation](aws/README-zh.md) 或者 [用户数据](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup) 快速部署。
[![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README-zh.md) [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README-zh.md) [![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com/) [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)
[**» 我想建立并使用自己的 VPN ,但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)
另外,你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在一个 [Raspberry Pi](https://www.raspberrypi.org) 上搭建 VPN 服务器。参见 [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
另外,你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在一个 [Raspberry Pi](https://www.raspberrypi.org) 上搭建 VPN 服务器。[[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
<a name="debian-10-note"></a>
\* Debian 10 用户需要 [使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。如果在 EC2 上使用 Debian 10你必须首先换用标准的 Linux 内核,然后运行 VPN 安装脚本。
\* Debian 10 用户需要 [使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。
<a name="centos-8-note"></a>
\*\* CentOS Linux 8 的支持 [将于2021年12月31日结束](https://wiki.centos.org/About/Product)。
\*\* CentOS Linux 8 的支持将于 2021 12 31 [结束](https://wiki.centos.org/About/Product)。
:warning: **不要** 在你的 PC 或者 Mac 上运行这些脚本!它们只能用在服务器上!
@ -272,12 +269,12 @@ sudo ikev2.sh --auto
配置你的计算机或其它设备使用 VPN 。请参见:
[**IKEv2 VPN 配置和使用指南**](docs/ikev2-howto-zh.md)
[**配置 IPsec/L2TP VPN 客户端**](docs/clients-zh.md)
[**配置 IPsec/XAuth ("Cisco IPsec") VPN 客户端**](docs/clients-xauth-zh.md)
[**IKEv2 VPN 配置和使用指南**](docs/ikev2-howto-zh.md)
如果在连接过程中遇到错误,请参见 [故障排除](docs/clients-zh.md#故障排除)。
开始使用自己的专属 VPN ! :sparkles::tada::rocket::sparkles:
@ -290,9 +287,9 @@ sudo ikev2.sh --auto
**Android 用户** 如果遇到连接问题,请尝试 [这些步骤](docs/clients-zh.md#android-mtumss-问题)。
同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性,如果需要同时连接在同一个 NAT比如家用路由器后面的多个设备到 VPN 服务器,你必须仅使用 [IPsec/XAuth 模式](docs/clients-xauth-zh.md),或者 [配置 IKEv2](docs/ikev2-howto-zh.md)
同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性,如果需要同时连接在同一个 NAT比如家用路由器后面的多个设备到 VPN 服务器,你必须仅使用 [IKEv2](docs/ikev2-howto-zh.md) 或者 [IPsec/XAuth](docs/clients-xauth-zh.md) 模式
如果需要查看或更改 VPN 用户账户,请参见 [管理 VPN 用户](docs/manage-users-zh.md)。该文档包含辅助脚本,以方便管理 VPN 用户。
要查看或更改 VPN 用户账户,请参见 [管理 VPN 用户](docs/manage-users-zh.md)。该文档包含辅助脚本,以方便管理 VPN 用户。
对于有外部防火墙的服务器(比如 [EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html)/[GCE](https://cloud.google.com/vpc/docs/firewalls)),请为 VPN 打开 UDP 端口 500 和 4500。阿里云用户请参见 [#433](https://github.com/hwdsl2/setup-ipsec-vpn/issues/433)。

33
README.md
View File

@ -87,30 +87,27 @@ A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is
## Requirements
A newly created [Amazon EC2](https://aws.amazon.com/ec2/) instance, from one of these images. You may deploy rapidly using [CloudFormation](aws/README.md) or [user data](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup), or [manually deploy](#installation). Refer to [EC2 pricing](https://aws.amazon.com/ec2/pricing/).
- [Ubuntu 20.04 (Focal) or 18.04 (Bionic)](https://cloud-images.ubuntu.com/locator/)
- [Debian 10 (Buster)](https://wiki.debian.org/Cloud/AmazonEC2Image)[\*](#debian-10-note)[ or 9 (Stretch)](https://wiki.debian.org/Cloud/AmazonEC2Image)
- [CentOS 8](https://wiki.centos.org/Cloud/AWS)[\*\*](#centos-8-note)[ or 7](https://wiki.centos.org/Cloud/AWS)
- [Rocky Linux 8](https://aws.amazon.com/marketplace/seller-profile?id=01538adc-2664-49d5-b926-3381dffce12d)
- [Red Hat Enterprise Linux (RHEL) 8 or 7](https://aws.amazon.com/partners/redhat/faqs/)
- [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/)
A dedicated server or virtual private server (VPS), freshly installed with one of the following OS:
**-OR-**
- Ubuntu 20.04 (Focal) or 18.04 (Bionic)
- Debian 10 (Buster)[\*](#debian-10-note) or 9 (Stretch)
- CentOS 8[\*\*](#centos-8-note) or 7
- Rocky Linux 8
- Red Hat Enterprise Linux (RHEL) 8 or 7
- Amazon Linux 2
A dedicated server or virtual private server (VPS), freshly installed with one of the above OS. OpenVZ VPS is not supported, users could instead try [OpenVPN](https://github.com/Nyr/openvpn-install).
This also includes Linux VMs in public clouds, such as [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) and [IBM Cloud](https://www.ibm.com/cloud/virtual-servers).
This also includes Linux VMs in public clouds, such as [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) and [IBM Cloud](https://www.ibm.com/cloud/virtual-servers). [Amazon EC2](https://aws.amazon.com/ec2/) users can deploy rapidly using [CloudFormation](aws/README.md) or [user data](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup).
[![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README.md) [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README.md) [![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com/) [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)
[**&raquo; I want to run my own VPN but don't have a server for that**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)
A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is also available. Advanced users can set up the VPN server on a [Raspberry Pi](https://www.raspberrypi.org). See [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/).
A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is also available. Advanced users can set up the VPN server on a [Raspberry Pi](https://www.raspberrypi.org). [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
<a name="debian-10-note"></a>
\* Debian 10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel). If using Debian 10 on EC2, you must first switch to the standard Linux kernel before running the VPN setup script.
\* Debian 10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel).
<a name="centos-8-note"></a>
\*\* Support for CentOS Linux 8 [will end on December 31, 2021](https://wiki.centos.org/About/Product).
\*\* Support for CentOS Linux 8 [will end](https://wiki.centos.org/About/Product) on December 31, 2021.
:warning: **DO NOT** run these scripts on your PC or Mac! They should only be used on a server!
@ -272,12 +269,12 @@ sudo ikev2.sh --auto
Get your computer or device to use the VPN. Please refer to:
[**Guide: How to Set Up and Use IKEv2 VPN**](docs/ikev2-howto.md)
[**Configure IPsec/L2TP VPN Clients**](docs/clients.md)
[**Configure IPsec/XAuth ("Cisco IPsec") VPN Clients**](docs/clients-xauth.md)
[**Guide: How to Set Up and Use IKEv2 VPN**](docs/ikev2-howto.md)
If you get an error when trying to connect, see [Troubleshooting](docs/clients.md#troubleshooting).
Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
@ -290,9 +287,9 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
**Android users**: If you encounter connection issues, try [these steps](docs/clients.md#android-mtumss-issues).
The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only [IPsec/XAuth mode](docs/clients-xauth.md), or [set up IKEv2](docs/ikev2-howto.md).
The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only [IKEv2](docs/ikev2-howto.md) or [IPsec/XAuth](docs/clients-xauth.md) mode.
If you wish to view or update VPN user accounts, see [Manage VPN users](docs/manage-users.md). Helper scripts are included for convenience.
To view or update VPN user accounts, see [Manage VPN users](docs/manage-users.md). Helper scripts are included for convenience.
For servers with an external firewall (e.g. [EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html)/[GCE](https://cloud.google.com/vpc/docs/firewalls)), open UDP ports 500 and 4500 for the VPN. Aliyun users, see [#433](https://github.com/hwdsl2/setup-ipsec-vpn/issues/433).

2
docs/clients-zh.md
View File

@ -368,6 +368,8 @@ Debian 10 用户:运行 `uname -r` 以检查你的服务器的 Linux 内核版
要解决此问题,你可以换用标准的 Linux 内核,通过安装比如 `linux-image-amd64` 软件包来实现。然后更新 GRUB 的内核默认值并重启服务器。最后重新运行 VPN 安装脚本。
如果在 [Amazon EC2](https://aws.amazon.com/ec2/) 上使用 Debian 10你必须首先换用标准的 Linux 内核,然后运行 VPN 安装脚本。
### 其它错误
如果你遇到其它错误,请参见以下链接:

2
docs/clients.md
View File

@ -367,6 +367,8 @@ Debian 10 users: Run `uname -r` to check your server's Linux kernel version. If
To fix, you may switch to the standard Linux kernel by installing e.g. the `linux-image-amd64` package. Then update the default kernel in GRUB and reboot your server. Finally, re-run the VPN setup script.
If using Debian 10 on [Amazon EC2](https://aws.amazon.com/ec2/), you must first switch to the standard Linux kernel before running the VPN setup script.
### Other errors
If you encounter other errors, refer to the links below: