diff --git a/README-zh.md b/README-zh.md index 4890498..b4fd6ab 100644 --- a/README-zh.md +++ b/README-zh.md @@ -2,11 +2,10 @@ [![Build Status](https://img.shields.io/travis/hwdsl2/setup-ipsec-vpn.svg)](https://travis-ci.org/hwdsl2/setup-ipsec-vpn) [![Docker Ready](https://img.shields.io/badge/docker-ready-blue.svg)](https://github.com/hwdsl2/docker-ipsec-vpn-server) -[![Docker Pulls](https://img.shields.io/docker/pulls/hwdsl2/ipsec-vpn-server.svg)](https://github.com/hwdsl2/docker-ipsec-vpn-server) *其他语言版本: [English](README.md), [简体中文](README-zh.md).* -使用这些 Linux Shell 脚本一键快速搭建 IPsec/L2TP VPN 服务器。支持 Ubuntu,Debian 和 CentOS 系统。你只需提供自己的 VPN 登录凭证,或者选择随机生成凭证。然后运行脚本自动完成安装。 +使用这些 Linux Shell 脚本一键快速搭建 IPsec/L2TP VPN 服务器。支持 Ubuntu,Debian 和 CentOS 系统。你只需提供自己的 VPN 登录凭证,然后运行脚本自动完成安装。 我们将使用 Libreswan 作为 IPsec 服务器,以及 xl2tpd 作为 L2TP 提供者。 @@ -59,16 +58,16 @@ 首先,更新你的系统: 运行 `apt-get update && apt-get dist-upgrade` 并重启。这一步是可选的,但推荐。 -**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (在安装完成后显示): +**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (会在屏幕上显示): ```bash -wget 'https://git.io/vpnsetup' -O vpnsetup.sh && sudo sh vpnsetup.sh +wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh ``` -**选项 2:** 在脚本中输入你自己的 VPN 登录凭证,或者将它们定义为环境变量: +**选项 2:** 输入你自己的 VPN 登录凭证,或者将它们定义为环境变量: ```bash -wget 'https://git.io/vpnsetup' -O vpnsetup.sh +wget https://git.io/vpnsetup -O vpnsetup.sh nano -w vpnsetup.sh [修改为你自己的值: VPN_IPSEC_PSK, VPN_USER 和 VPN_PASSWORD] sudo sh vpnsetup.sh @@ -78,16 +77,16 @@ sudo sh vpnsetup.sh 首先,更新你的系统: 运行 `yum update` 并重启。这一步是可选的,但推荐。 -**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (在安装完成后显示): +**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (会在屏幕上显示): ```bash -wget 'https://git.io/vpnsetup-centos' -O vpnsetup_centos.sh && sudo sh vpnsetup_centos.sh +wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh && sudo sh vpnsetup_centos.sh ``` -**选项 2:** 在脚本中输入你自己的 VPN 登录凭证,或者将它们定义为环境变量: +**选项 2:** 输入你自己的 VPN 登录凭证,或者将它们定义为环境变量: ```bash -wget 'https://git.io/vpnsetup-centos' -O vpnsetup_centos.sh +wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh nano -w vpnsetup_centos.sh [修改为你自己的值: VPN_IPSEC_PSK, VPN_USER 和 VPN_PASSWORD] sudo sh vpnsetup_centos.sh @@ -99,15 +98,15 @@ sudo sh vpnsetup_centos.sh 配置你的计算机或其它设备使用 VPN 。请参见: 配置 IPsec/L2TP VPN 客户端。 -**NEW:** 新增支持更高效的 `IPsec/XAuth ("Cisco IPsec")` 模式。请参考 配置 IPsec/XAuth VPN 客户端。 +**NEW:** 新增支持更高效的 `IPsec/XAuth ("Cisco IPsec")` 模式: 配置 IPsec/XAuth VPN 客户端。 开始使用自己的专属 VPN ! :sparkles::tada::rocket::sparkles: ## 重要提示 -**Windows 用户** 在首次连接之前需要修改一次注册表,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外如果遇到`Error 628`,请打开 VPN 连接属性的"安全"选项卡,启用 `CHAP` 选项并禁用 `MS-CHAP v2`。 +**Windows 用户** 在首次连接之前需要修改一次注册表,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外如果遇到 `Error 628` ,请打开 VPN 连接属性的"安全"选项卡,启用 `CHAP` 选项并禁用 `MS-CHAP v2`。 -**Android 6 (Marshmallow) 用户** 请参见此文档中的注释: 配置 IPsec/L2TP VPN 客户端。 +**Android 6 (Marshmallow) 用户** 请参考此文档中的注释: 配置 IPsec/L2TP VPN 客户端。 如果要创建具有不同凭据的多个 VPN 用户,只需要修改这几行的脚本。 @@ -119,12 +118,12 @@ sudo sh vpnsetup_centos.sh ## 关于升级Libreswan -提供两个额外的脚本 vpnupgrade_Libreswan.shvpnupgrade_Libreswan_centos.sh ,可用于将已安装的 Libreswan 不定期升级至最新版本。请关注官方网站,并在运行前根据需要更新 `swan_ver` 变量。 +提供两个额外的脚本 vpnupgrade_Libreswan.shvpnupgrade_Libreswan_centos.sh ,可用于升级 Libreswan。请关注官方网站,并在运行前根据需要更新 `swan_ver` 变量。 ## 问题和反馈 - 有问题需要提问?请先搜索其他用户的留言,在这个 GitHub Gist 以及我的博客文章。 -- Libreswan (IPsec) 的相关问题可在邮件列表提问。也可以参见这些 wiki 文章:[1] [2] [3] [4] [5]。 +- Libreswan (IPsec) 的相关问题可在邮件列表提问。也可以参见这些文章:[1] [2] [3] [4] [5]。 - 如果你发现了一个可重复的程序漏洞,请提交一个 GitHub Issue。 ## 另见 diff --git a/README.md b/README.md index 2d04e52..0e60ffc 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,10 @@ [![Build Status](https://img.shields.io/travis/hwdsl2/setup-ipsec-vpn.svg)](https://travis-ci.org/hwdsl2/setup-ipsec-vpn) [![Docker Ready](https://img.shields.io/badge/docker-ready-blue.svg)](https://github.com/hwdsl2/docker-ipsec-vpn-server) -[![Docker Pulls](https://img.shields.io/docker/pulls/hwdsl2/ipsec-vpn-server.svg)](https://github.com/hwdsl2/docker-ipsec-vpn-server) *Read this in other languages: [English](README.md), [简体中文](README-zh.md).* -These scripts will let you set up your own IPsec/L2TP VPN server in no more than a minute on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, or auto-generate them. The scripts will handle the rest. +These scripts will let you set up your own IPsec/L2TP VPN server in no more than a minute on Ubuntu, Debian and CentOS. Just provide your own VPN credentials, and the scripts will handle the rest. We will use Libreswan as the IPsec server, and xl2tpd as the L2TP provider. @@ -59,16 +58,16 @@ A dedicated server or KVM/Xen-based Virtual Private Server (VPS), freshly instal First, update your system with `apt-get update && apt-get dist-upgrade` and reboot. This is optional, but recommended. -**Option 1:** Have the script generate random VPN credentials for you (will be displayed when done): +**Option 1:** Have the script generate random VPN credentials for you (will be displayed on the screen): ```bash -wget 'https://git.io/vpnsetup' -O vpnsetup.sh && sudo sh vpnsetup.sh +wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh ``` **Option 2:** Enter your own VPN credentials, or define them as environment variables: ```bash -wget 'https://git.io/vpnsetup' -O vpnsetup.sh +wget https://git.io/vpnsetup -O vpnsetup.sh nano -w vpnsetup.sh [Replace with your own values: VPN_IPSEC_PSK, VPN_USER and VPN_PASSWORD] sudo sh vpnsetup.sh @@ -78,16 +77,16 @@ sudo sh vpnsetup.sh First, update your system with `yum update` and reboot. This is optional, but recommended. -**Option 1:** Have the script generate random VPN credentials for you (will be displayed when done): +**Option 1:** Have the script generate random VPN credentials for you (will be displayed on the screen): ```bash -wget 'https://git.io/vpnsetup-centos' -O vpnsetup_centos.sh && sudo sh vpnsetup_centos.sh +wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh && sudo sh vpnsetup_centos.sh ``` **Option 2:** Enter your own VPN credentials, or define them as environment variables: ```bash -wget 'https://git.io/vpnsetup-centos' -O vpnsetup_centos.sh +wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh nano -w vpnsetup_centos.sh [Replace with your own values: VPN_IPSEC_PSK, VPN_USER and VPN_PASSWORD] sudo sh vpnsetup_centos.sh @@ -99,13 +98,13 @@ If unable to download via `wget`, you may alternatively open Configure IPsec/L2TP VPN Clients. -**NEW:** The faster `IPsec/XAuth ("Cisco IPsec")` mode is now supported. See: Configure IPsec/XAuth VPN Clients. +**NEW:** The faster `IPsec/XAuth ("Cisco IPsec")` mode is now supported: Configure IPsec/XAuth VPN Clients. Enjoy your very own VPN! :sparkles::tada::rocket::sparkles: ## Important Notes -For **Windows users**, a one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). Also, if you see `Error 628`, go to the "Security" tab of VPN connection properties, enable `CHAP` and disable `MS-CHAP v2`. +For **Windows users**, a one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). Also, if you see `Error 628`, go to the "Security" tab of VPN connection properties, enable `CHAP` and disable `MS-CHAP v2`. **Android 6 (Marshmallow) users**: Please see notes in Configure IPsec/L2TP VPN Clients. @@ -119,12 +118,12 @@ The scripts will backup existing config files before making changes, with `.old- ## Upgrading Libreswan -The additional scripts vpnupgrade_Libreswan.sh and vpnupgrade_Libreswan_centos.sh can be used to periodically upgrade Libreswan to the latest version. Check the official website and update the `swan_ver` variable as necessary. +The additional scripts vpnupgrade_Libreswan.sh and vpnupgrade_Libreswan_centos.sh can be used to upgrade Libreswan. Check the official website and update the `swan_ver` variable as necessary. ## Bugs & Questions - Got a question? Please first search other people's comments in this GitHub Gist and on my blog. -- Ask Libreswan (IPsec) related questions on the mailing list, or read these wikis: [1] [2] [3] [4] [5]. +- Ask Libreswan (IPsec) related questions on the mailing list, or read these articles: [1] [2] [3] [4] [5]. - If you found a reproducible bug, open a GitHub Issue to submit a bug report. ## See Also diff --git a/docs/clients-zh.md b/docs/clients-zh.md index 1dac4c4..d9b3b39 100644 --- a/docs/clients-zh.md +++ b/docs/clients-zh.md @@ -38,6 +38,7 @@ 1. 单击 **确定** 关闭 **高级设置**。 1. 单击 **确定** 保存 VPN 连接的详细信息。 + 要连接到 VPN,只需在系统托盘中的无线/网络图标上单击右键,选择新的 VPN 连接,然后单击 **连接**。最后你可以到这里检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。 **注:** 在首次连接之前需要修改一次注册表,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。请参照链接文章中的说明,或者打开提升权限命令提示符并运行以下命令。完成后必须重新启动计算机。 diff --git a/docs/clients.md b/docs/clients.md index 50024cc..a933cd4 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -38,6 +38,7 @@ After settin 1. Click **OK** to close the **Advanced settings**. 1. Click **OK** to save the VPN connection details. + To connect to the VPN, simply right-click on the wireless/network icon in your system tray, select the new VPN connection, and click **Connect**. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is `Your VPN Server IP`". **Note:** A one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). Please refer to the linked page, or run the following from an elevated command prompt. You must reboot your computer when done.