diff --git a/README-zh.md b/README-zh.md
index 039ff83..3a235a6 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -138,7 +138,7 @@ VPN_PASSWORD='你的VPN密码' sh vpnsetup.sh
 
 **Windows 用户** 在首次连接之前需要<a href="docs/clients-zh.md#windows-错误-809" target="_blank">修改一次注册表</a>，以解决 VPN 服务器 和/或 客户端与 NAT （比如家用路由器）的兼容问题。
 
-同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性，如果需要同时连接在同一个 NAT （比如家用路由器）后面的多个设备到 VPN 服务器，你必须仅使用 <a href="docs/clients-xauth-zh.md" target="_blank">IPsec/XAuth 模式</a>。
+同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性，如果需要同时连接在同一个 NAT （比如家用路由器）后面的多个设备到 VPN 服务器，你必须仅使用 <a href="docs/clients-xauth-zh.md" target="_blank">IPsec/XAuth 模式</a>。另外，你的服务器必须运行 [Libreswan 3.19](#升级libreswan) 或更新版本。
 
 对于有外部防火墙的服务器（比如 <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html" target="_blank">EC2</a>/<a href="https://cloud.google.com/compute/docs/networking#firewalls" target="_blank">GCE</a>），请为 VPN 打开 UDP 端口 500 和 4500。
 
diff --git a/README.md b/README.md
index 9ce42e2..3e7a026 100644
--- a/README.md
+++ b/README.md
@@ -138,7 +138,7 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
 
 For **Windows users**, this <a href="docs/clients.md#windows-error-809" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router).
 
-The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only <a href="docs/clients-xauth.md" target="_blank">IPsec/XAuth mode</a>.
+The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only <a href="docs/clients-xauth.md" target="_blank">IPsec/XAuth mode</a>. Also, your server must run [Libreswan 3.19](#upgrade-libreswan) or newer.
 
 For servers with an external firewall (e.g. <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html" target="_blank">EC2</a>/<a href="https://cloud.google.com/compute/docs/networking#firewalls" target="_blank">GCE</a>), open UDP ports 500 and 4500 for the VPN.
 
diff --git a/docs/clients-zh.md b/docs/clients-zh.md
index af1efcd..cf0a8d1 100644
--- a/docs/clients-zh.md
+++ b/docs/clients-zh.md
@@ -44,7 +44,7 @@
 1. 单击 **确定** 关闭 **高级设置**。
 1. 单击 **确定** 保存 VPN 连接的详细信息。
 
-注： 在首次连接之前需要修改一次注册表。请参见下面的说明。
+**注：** 在首次连接之前需要修改一次注册表。请参见下面的说明。
 
 ### Windows 7, Vista and XP
 
@@ -72,7 +72,7 @@
 1. 单击 **确定** 关闭 **高级设置**。
 1. 单击 **确定** 保存 VPN 连接的详细信息。
 
-注： 在首次连接之前需要<a href="#windows-错误-809">修改一次注册表</a>，以解决 VPN 服务器 和/或 客户端与 NAT （比如家用路由器）的兼容问题。
+**注：** 在首次连接之前需要<a href="#windows-错误-809">修改一次注册表</a>，以解决 VPN 服务器 和/或 客户端与 NAT （比如家用路由器）的兼容问题。
 
 要连接到 VPN： 单击系统托盘中的无线/网络图标，选择新的 VPN 连接，然后单击 **连接**。如果出现提示，在登录窗口中输入 `你的 VPN 用户名` 和 `密码` ，并单击 **确定**。最后你可以到 <a href="https://www.ipchicken.com" target="_blank">这里</a> 检测你的 IP 地址，应该显示为`你的 VPN 服务器 IP`。
 
diff --git a/docs/clients.md b/docs/clients.md
index 8fb47cc..c733ddb 100644
--- a/docs/clients.md
+++ b/docs/clients.md
@@ -44,7 +44,7 @@ An alternative <a href="https://usefulpcguide.com/17318/create-your-own-vpn/" ta
 1. Click **OK** to close the **Advanced settings**.
 1. Click **OK** to save the VPN connection details.
 
-Note: A one-time registry change is required before connecting. See details below.
+**Note:** A one-time registry change is required before connecting. See details below.
 
 ### Windows 7, Vista and XP
 
@@ -72,7 +72,7 @@ Note: A one-time registry change is required before connecting. See details belo
 1. Click **OK** to close the **Advanced settings**.
 1. Click **OK** to save the VPN connection details.
 
-Note: This <a href="#windows-error-809">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router).
+**Note:** This <a href="#windows-error-809">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router).
 
 To connect to the VPN: Click on the wireless/network icon in your system tray, select the new VPN entry, and click **Connect**. If prompted, enter `Your VPN Username` and `Password`, then click **OK**. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`".
 
diff --git a/docs/ikev2-howto-zh.md b/docs/ikev2-howto-zh.md
index 1972c07..79237b0 100644
--- a/docs/ikev2-howto-zh.md
+++ b/docs/ikev2-howto-zh.md
@@ -82,7 +82,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
    ```
 
 1. 生成 Certificate Authority (CA) 和 VPN 服务器证书：   
-   注： 使用 "-v" 参数指定证书的有效期（单位：月），例如 "-v 36"。
+   **注：** 使用 "-v" 参数指定证书的有效期（单位：月），例如 "-v 36"。
 
    ```bash
    $ certutil -S -x -n "Example CA" -s "O=Example,CN=Example CA" -k rsa -g 4096 -v 36 -d sql:/etc/ipsec.d -t "CT,," -2
@@ -170,7 +170,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
    vpnclient                                          u,u,u
    ```
 
-   注：如需显示证书，可使用 `certutil -L -d sql:/etc/ipsec.d -n "Nickname"`。要删除证书，将 `-L` 换成 `-D`。更多的 `certutil` 使用说明请看 <a href="http://manpages.ubuntu.com/manpages/zesty/man1/certutil.1.html" target="_blank">这里</a>。
+   **注：** 如需显示证书，可使用 `certutil -L -d sql:/etc/ipsec.d -n "Nickname"`。要删除证书，将 `-L` 换成 `-D`。更多的 `certutil` 使用说明请看 <a href="http://manpages.ubuntu.com/manpages/zesty/man1/certutil.1.html" target="_blank">这里</a>。
 
 1. 重启 IPsec 服务：
 
diff --git a/docs/ikev2-howto.md b/docs/ikev2-howto.md
index ff85764..9b9614d 100644
--- a/docs/ikev2-howto.md
+++ b/docs/ikev2-howto.md
@@ -82,7 +82,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h
    ```
 
 1. Generate Certificate Authority (CA) and VPN server certificates:   
-   Note: Specify the certificate validity period (in months) using "-v". e.g. "-v 36".
+   **Note:** Specify the certificate validity period (in months) using "-v". e.g. "-v 36".
 
    ```bash
    $ certutil -S -x -n "Example CA" -s "O=Example,CN=Example CA" -k rsa -g 4096 -v 36 -d sql:/etc/ipsec.d -t "CT,," -2
@@ -170,7 +170,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h
    vpnclient                                          u,u,u
    ```
 
-   Note: To display a certificate, use `certutil -L -d sql:/etc/ipsec.d -n "Nickname"`. To delete it, replace `-L` with `-D`. For other `certutil` usage, read <a href="http://manpages.ubuntu.com/manpages/zesty/man1/certutil.1.html" target="_blank">this page</a>.
+   **Note:** To display a certificate, use `certutil -L -d sql:/etc/ipsec.d -n "Nickname"`. To delete it, replace `-L` with `-D`. For other `certutil` usage, read <a href="http://manpages.ubuntu.com/manpages/zesty/man1/certutil.1.html" target="_blank">this page</a>.
 
 1. Restart IPsec service: