Update docs

README-zh.md

@@ -80,7 +80,7 @@ wget https://git.io/vpnquickstart -O vpn.sh && sudo sh vpn.sh
 另外，你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在 [Raspberry Pi](https://www.raspberrypi.org) 上安装。[[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
 
 <a name="debian-10-note"></a>
-\* Debian 11 或者 10 用户需要[使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。   
+\* Debian 11/10 用户需要[使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。   
 <a name="centos-8-note"></a>
 \*\* 对 CentOS Linux 8 的支持[已经结束](https://wiki.centos.org/About/Product)。你可以使用比如 Rocky Linux 或者 AlmaLinux OS。
 
@@ -139,7 +139,7 @@ sh vpn.sh
 
 ## 下一步
 
-配置你的计算机或其它设备使用 VPN 。请参见：
+配置你的计算机或其它设备使用 VPN。请参见：
 
 [**IKEv2 VPN 配置和使用指南**](docs/ikev2-howto-zh.md)
 
@@ -149,11 +149,11 @@ sh vpn.sh
 
 如果在连接过程中遇到错误，请参见 [故障排除](docs/clients-zh.md#故障排除)。
 
-开始使用自己的专属 VPN ! :sparkles::tada::rocket::sparkles:
+开始使用自己的专属 VPN! :sparkles::tada::rocket::sparkles:
 
 ## 重要提示
 
-*其他语言版本: [English](README.md#important-notes), [简体中文](README-zh.md#重要提示)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](README.md#important-notes), [简体中文](README-zh.md#重要提示)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **Windows 用户** 对于 IPsec/L2TP 模式，在首次连接之前需要 [修改注册表](docs/clients-zh.md#windows-错误-809)，以解决 VPN 服务器或客户端与 NAT（比如家用路由器）的兼容问题。
 
@@ -171,7 +171,7 @@ sh vpn.sh
 
 ## 升级Libreswan
 
-使用以下命令更新你的 VPN 服务器上的 [Libreswan](https://libreswan.org)（[更新日志](https://github.com/libreswan/libreswan/blob/master/CHANGES) | [通知列表](https://lists.libreswan.org/mailman/listinfo/swan-announce)）。目前支持的最新版本是 `4.6`。查看已安装版本：`ipsec --version`。
+使用以下命令更新你的 VPN 服务器上的 [Libreswan](https://libreswan.org)（[更新日志](https://github.com/libreswan/libreswan/blob/main/CHANGES) | [通知列表](https://lists.libreswan.org/mailman/listinfo/swan-announce)）。目前支持的最新版本是 `4.6`。查看已安装版本：`ipsec --version`。
 
 ```bash
 wget https://git.io/vpnupgrade -O vpnup.sh && sudo sh vpnup.sh
@@ -205,6 +205,7 @@ wget https://git.io/vpnupgrade -O vpnup.sh && sudo sh vpnup.sh
 
 - 有问题需要提问？请先搜索 [已有的 issues](https://github.com/hwdsl2/setup-ipsec-vpn/issues?q=is%3Aissue) 以及在 [这个 Gist](https://gist.github.com/hwdsl2/9030462#comments) 和 [我的博客](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#disqus_thread) 上已有的留言。
 - VPN 的相关问题可在 [Libreswan](https://lists.libreswan.org/mailman/listinfo/swan) 或 [strongSwan](https://lists.strongswan.org/mailman/listinfo/users) 邮件列表提问，或者参考这些网站：[[1]](https://libreswan.org/wiki/Main_Page) [[2]](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-securing_virtual_private_networks) [[3]](https://wiki.strongswan.org/projects/strongswan/wiki/UserDocumentation) [[4]](https://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server) [[5]](https://wiki.archlinux.org/index.php/Openswan_L2TP/IPsec_VPN_client_setup)。
+- 如果你有改进建议或意见，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。
 - 如果你发现了一个可重复的程序漏洞，请提交一个 [GitHub Issue](https://github.com/hwdsl2/setup-ipsec-vpn/issues?q=is%3Aissue)。
 
 ## 卸载说明

README.md

@@ -80,7 +80,7 @@ This also includes Linux VMs in public clouds, such as [DigitalOcean](https://bl
 A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is also available. Advanced users can install on a [Raspberry Pi](https://www.raspberrypi.org). [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)
 
 <a name="debian-10-note"></a>
-\* Debian 11 or 10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel).   
+\* Debian 11/10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel).   
 <a name="centos-8-note"></a>
 \*\* CentOS Linux 8 [is no longer supported](https://wiki.centos.org/About/Product). You may use e.g. Rocky Linux or AlmaLinux OS.
 
@@ -153,7 +153,7 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
 
 ## Important notes
 
-*Read this in other languages: [English](README.md#important-notes), [简体中文](README-zh.md#重要提示). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](README.md#important-notes), [简体中文](README-zh.md#重要提示). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **Windows users**: For IPsec/L2TP mode, a [one-time registry change](docs/clients.md#windows-error-809) is required if the VPN server or client is behind NAT (e.g. home router).
 
@@ -171,7 +171,7 @@ The scripts will backup existing config files before making changes, with `.old-
 
 ## Upgrade Libreswan
 
-Use this one-liner to update [Libreswan](https://libreswan.org) ([changelog](https://github.com/libreswan/libreswan/blob/master/CHANGES) | [announce](https://lists.libreswan.org/mailman/listinfo/swan-announce)) on your VPN server. The latest supported version is `4.6`. Check installed version: `ipsec --version`.
+Use this one-liner to update [Libreswan](https://libreswan.org) ([changelog](https://github.com/libreswan/libreswan/blob/main/CHANGES) | [announce](https://lists.libreswan.org/mailman/listinfo/swan-announce)) on your VPN server. The latest supported version is `4.6`. Check installed version: `ipsec --version`.
 
 ```bash
 wget https://git.io/vpnupgrade -O vpnup.sh && sudo sh vpnup.sh
@@ -205,6 +205,7 @@ See [Advanced usage](docs/advanced-usage.md).
 
 - Got a question? Please first search [existing issues](https://github.com/hwdsl2/setup-ipsec-vpn/issues?q=is%3Aissue) and comments [in this Gist](https://gist.github.com/hwdsl2/9030462#comments) and [on my blog](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#disqus_thread).
 - Ask VPN related questions on the [Libreswan](https://lists.libreswan.org/mailman/listinfo/swan) or [strongSwan](https://lists.strongswan.org/mailman/listinfo/users) mailing list, or read these wikis: [[1]](https://libreswan.org/wiki/Main_Page) [[2]](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-securing_virtual_private_networks) [[3]](https://wiki.strongswan.org/projects/strongswan/wiki/UserDocumentation) [[4]](https://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server) [[5]](https://wiki.archlinux.org/index.php/Openswan_L2TP/IPsec_VPN_client_setup).
+- Have a comment or suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).
 - If you found a reproducible bug, open a [GitHub Issue](https://github.com/hwdsl2/setup-ipsec-vpn/issues?q=is%3Aissue) to submit a bug report.
 
 ## Uninstallation

aws/README-zh.md

@@ -1,6 +1,6 @@
 # 使用 CloudFormation 在 Amazon EC2 上部署
 
-*其他语言版本: [English](README.md), [简体中文](README-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](README.md), [简体中文](README-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 使用这个模板，你可以在 Amazon Elastic Compute Cloud（Amazon EC2）上快速搭建一个 IPsec VPN 服务器。在继续之前，请参见 EC2 [定价细节](https://aws.amazon.com/cn/ec2/pricing/on-demand/)。在部署中使用 `t2.micro` 服务器实例可能符合 [AWS 免费套餐](https://aws.amazon.com/cn/free/) 的资格。
 

aws/README.md

@@ -1,6 +1,6 @@
 # Deploy to Amazon EC2 using CloudFormation
 
-*Read this in other languages: [English](README.md), [简体中文](README-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](README.md), [简体中文](README-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 This template will create a fully-working IPsec VPN server on Amazon Elastic Compute Cloud (Amazon EC2). Please make sure to check the EC2 [pricing details](https://aws.amazon.com/ec2/pricing/on-demand/) before continuing. Using a `t2.micro` server instance for your deployment may qualify for the [AWS Free Tier](https://aws.amazon.com/free/).
 

azure/README-zh.md

@@ -1,6 +1,6 @@
 # 在 Microsoft Azure 上部署
 
-*其他语言版本: [English](README.md), [简体中文](README-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](README.md), [简体中文](README-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 使用这个模板，你可以在 Microsoft Azure Cloud 上快速搭建一个 VPN 服务器 （[定价细节](https://azure.microsoft.com/zh-cn/pricing/details/virtual-machines/)）。
 

azure/README.md

@@ -1,6 +1,6 @@
 # Deploy to Microsoft Azure
 
-*Read this in other languages: [English](README.md), [简体中文](README-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](README.md), [简体中文](README-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 This template will create a fully working VPN server on the Microsoft Azure Cloud ([pricing details](https://azure.microsoft.com/en-us/pricing/details/virtual-machines/)).
 

docs/advanced-usage-zh.md

@@ -1,6 +1,6 @@
 # 高级用法
 
-*其他语言版本: [English](advanced-usage.md), [简体中文](advanced-usage-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](advanced-usage.md), [简体中文](advanced-usage-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 * [使用其他的 DNS 服务器](#使用其他的-dns-服务器)
 * [域名和更改服务器 IP](#域名和更改服务器-ip)

docs/advanced-usage.md

@@ -1,6 +1,6 @@
 # Advanced Usage
 
-*Read this in other languages: [English](advanced-usage.md), [简体中文](advanced-usage-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](advanced-usage.md), [简体中文](advanced-usage-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 * [Use alternative DNS servers](#use-alternative-dns-servers)
 * [DNS name and server IP changes](#dns-name-and-server-ip-changes)

docs/clients-xauth-zh.md

@@ -1,6 +1,6 @@
 # 配置 IPsec/XAuth VPN 客户端
 
-*其他语言版本: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **注：** 你也可以使用 [IKEv2](ikev2-howto-zh.md)（推荐）或者 [IPsec/L2TP](clients-zh.md) 模式连接。
 

docs/clients-xauth.md

@@ -1,6 +1,6 @@
 # Configure IPsec/XAuth VPN Clients
 
-*Read this in other languages: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/L2TP](clients.md) mode.
 

docs/clients-zh.md

@@ -1,6 +1,6 @@
 # 配置 IPsec/L2TP VPN 客户端
 
-*其他语言版本: [English](clients.md), [简体中文](clients-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](clients.md), [简体中文](clients-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **注：** 你也可以使用 [IKEv2](ikev2-howto-zh.md)（推荐）或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
 
@@ -41,7 +41,7 @@
 
 如果在连接过程中遇到错误，请参见 [故障排除](#故障排除)。
 
-### Windows 10 and 8.x
+### Windows 10 and 8
 
 1. 右键单击系统托盘中的无线/网络图标。
 1. 选择 **打开"网络和 Internet"设置**，然后在打开的页面中单击 **网络和共享中心**。
@@ -237,7 +237,7 @@ Fedora 28（和更新版本）和 CentOS 8/7 用户可以使用 [IPsec/XAuth](cl
 
 ## 故障排除
 
-*其他语言版本: [English](clients.md#troubleshooting), [简体中文](clients-zh.md#故障排除)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](clients.md#troubleshooting), [简体中文](clients-zh.md#故障排除)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **另见：** [检查日志及 VPN 状态](#检查日志及-vpn-状态)，[IKEv2 故障排除](ikev2-howto-zh.md#故障排除) 和 [高级用法](advanced-usage-zh.md)。
 
@@ -264,7 +264,7 @@ Fedora 28（和更新版本）和 CentOS 8/7 用户可以使用 [IPsec/XAuth](cl
 
 要解决此错误，在首次连接之前需要[修改一次注册表](https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809)，以解决 VPN 服务器 和/或 客户端与 NAT （比如家用路由器）的兼容问题。请下载并导入下面的 `.reg` 文件，或者打开 [提升权限命令提示符](http://www.cnblogs.com/xxcanghai/p/4610054.html) 并运行以下命令。**完成后必须重启计算机。**
 
-- 适用于 Windows Vista, 7, 8.x, 10 和 11 ([下载 .reg 文件](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Windows_Vista_7_8_10_Reboot_Required.reg))
+- 适用于 Windows Vista, 7, 8, 10 和 11 ([下载 .reg 文件](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Windows_Vista_7_8_10_Reboot_Required.reg))
 
   ```console
   REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
@@ -278,7 +278,7 @@ Fedora 28（和更新版本）和 CentOS 8/7 用户可以使用 [IPsec/XAuth](cl
 
 另外，某些个别的 Windows 系统配置禁用了 IPsec 加密，此时也会导致连接失败。要重新启用它，可以运行以下命令并重启。
 
-- 适用于 Windows XP, Vista, 7, 8.x, 10 和 11 ([下载 .reg 文件](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Allow_IPsec_Reboot_Required.reg))
+- 适用于 Windows XP, Vista, 7, 8, 10 和 11 ([下载 .reg 文件](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Allow_IPsec_Reboot_Required.reg))
 
   ```console
   REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters /v ProhibitIpSec /t REG_DWORD /d 0x0 /f
@@ -326,7 +326,7 @@ Fedora 28（和更新版本）和 CentOS 8/7 用户可以使用 [IPsec/XAuth](cl
 
 ### Windows DNS 泄漏和 IPv6
 
-Windows 8.x, 10 和 11 默认使用 "smart multi-homed name resolution" （智能多宿主名称解析）。如果你的因特网适配器的 DNS 服务器在本地网段上，在使用 Windows 自带的 IPsec VPN 客户端时可能会导致 "DNS 泄漏"。要解决这个问题，你可以 [禁用智能多宿主名称解析](https://www.neowin.net/news/guide-prevent-dns-leakage-while-using-a-vpn-on-windows-10-and-windows-8/)，或者配置你的因特网适配器以使用在你的本地网段之外的 DNS 服务器（比如 8.8.8.8 和 8.8.4.4）。在完成后[清除 DNS 缓存](https://support.opendns.com/hc/en-us/articles/227988627-How-to-clear-the-DNS-Cache-)并且重启计算机。
+Windows 8, 10 和 11 默认使用 "smart multi-homed name resolution" （智能多宿主名称解析）。如果你的因特网适配器的 DNS 服务器在本地网段上，在使用 Windows 自带的 IPsec VPN 客户端时可能会导致 "DNS 泄漏"。要解决这个问题，你可以 [禁用智能多宿主名称解析](https://www.neowin.net/news/guide-prevent-dns-leakage-while-using-a-vpn-on-windows-10-and-windows-8/)，或者配置你的因特网适配器以使用在你的本地网段之外的 DNS 服务器（比如 8.8.8.8 和 8.8.4.4）。在完成后[清除 DNS 缓存](https://support.opendns.com/hc/en-us/articles/227988627-How-to-clear-the-DNS-Cache-)并且重启计算机。
 
 另外，如果你的计算机启用了 IPv6，所有的 IPv6 流量（包括 DNS 请求）都将绕过 VPN。要在 Windows 上禁用 IPv6，请看[这里](https://support.microsoft.com/zh-cn/help/929852/guidance-for-configuring-ipv6-in-windows-for-advanced-users)。如果你需要支持 IPv6 的 VPN，可以另外尝试 [OpenVPN](https://github.com/Nyr/openvpn-install)。
 

docs/clients.md

@@ -1,6 +1,6 @@
 # Configure IPsec/L2TP VPN Clients
 
-*Read this in other languages: [English](clients.md), [简体中文](clients-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](clients.md), [简体中文](clients-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
 
@@ -41,7 +41,7 @@ To connect to the VPN: Click the **Connect** button, or click on the wireless/ne
 
 If you get an error when trying to connect, see [Troubleshooting](#troubleshooting).
 
-### Windows 10 and 8.x
+### Windows 10 and 8
 
 1. Right-click on the wireless/network icon in your system tray.
 1. Select **Open Network & Internet settings**, then on the page that opens, click **Network and Sharing Center**.
@@ -236,7 +236,7 @@ First check [here](https://github.com/nm-l2tp/NetworkManager-l2tp/wiki/Prebuilt-
 
 ## Troubleshooting
 
-*Read this in other languages: [English](clients.md#troubleshooting), [简体中文](clients-zh.md#故障排除). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](clients.md#troubleshooting), [简体中文](clients-zh.md#故障排除). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **See also:** [Check logs and VPN status](#check-logs-and-vpn-status), [IKEv2 troubleshooting](ikev2-howto.md#troubleshooting) and [Advanced usage](advanced-usage.md).
 
@@ -263,7 +263,7 @@ First check [here](https://github.com/nm-l2tp/NetworkManager-l2tp/wiki/Prebuilt-
 
 To fix this error, a [one-time registry change](https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809) is required because the VPN server and/or client is behind NAT (e.g. home router). Download and import the `.reg` file below, or run the following from an [elevated command prompt](http://www.winhelponline.com/blog/open-elevated-command-prompt-windows/). **You must reboot your PC when finished.**
 
-- For Windows Vista, 7, 8.x, 10 and 11 ([download .reg file](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Windows_Vista_7_8_10_Reboot_Required.reg))
+- For Windows Vista, 7, 8, 10 and 11 ([download .reg file](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Windows_Vista_7_8_10_Reboot_Required.reg))
 
   ```console
   REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
@@ -277,7 +277,7 @@ To fix this error, a [one-time registry change](https://documentation.meraki.com
 
 Although uncommon, some Windows systems disable IPsec encryption, causing the connection to fail. To re-enable it, run the following command and reboot your PC.
 
-- For Windows XP, Vista, 7, 8.x, 10 and 11 ([download .reg file](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Allow_IPsec_Reboot_Required.reg))
+- For Windows XP, Vista, 7, 8, 10 and 11 ([download .reg file](https://dl.ls20.com/reg-files/v1/Fix_VPN_Error_809_Allow_IPsec_Reboot_Required.reg))
 
   ```console
   REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters /v ProhibitIpSec /t REG_DWORD /d 0x0 /f
@@ -325,7 +325,7 @@ After upgrading Windows 10 version (e.g. from 1709 to 1803), you may need to re-
 
 ### Windows DNS leaks and IPv6
 
-Windows 8.x, 10 and 11 use "smart multi-homed name resolution" by default, which may cause "DNS leaks" when using the native IPsec VPN client if your DNS servers on the Internet adapter are from the local network segment. To fix, you may either [disable smart multi-homed name resolution](https://www.neowin.net/news/guide-prevent-dns-leakage-while-using-a-vpn-on-windows-10-and-windows-8/), or configure your Internet adapter to use DNS servers outside your local network (e.g. 8.8.8.8 and 8.8.4.4). When finished, [clear the DNS cache](https://support.opendns.com/hc/en-us/articles/227988627-How-to-clear-the-DNS-Cache-) and reboot your PC.
+Windows 8, 10 and 11 use "smart multi-homed name resolution" by default, which may cause "DNS leaks" when using the native IPsec VPN client if your DNS servers on the Internet adapter are from the local network segment. To fix, you may either [disable smart multi-homed name resolution](https://www.neowin.net/news/guide-prevent-dns-leakage-while-using-a-vpn-on-windows-10-and-windows-8/), or configure your Internet adapter to use DNS servers outside your local network (e.g. 8.8.8.8 and 8.8.4.4). When finished, [clear the DNS cache](https://support.opendns.com/hc/en-us/articles/227988627-How-to-clear-the-DNS-Cache-) and reboot your PC.
 
 In addition, if your computer has IPv6 enabled, all IPv6 traffic (including DNS queries) will bypass the VPN. Learn how to [disable IPv6](https://support.microsoft.com/en-us/help/929852/guidance-for-configuring-ipv6-in-windows-for-advanced-users) in Windows. If you need a VPN with IPv6 support, you could instead try [OpenVPN](https://github.com/Nyr/openvpn-install).
 

docs/ikev2-howto-zh.md

@@ -1,6 +1,6 @@
 # IKEv2 VPN 配置和使用指南
 
-*其他语言版本: [English](ikev2-howto.md), [简体中文](ikev2-howto-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](ikev2-howto.md), [简体中文](ikev2-howto-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **注：** 你也可以使用 [IPsec/L2TP](clients-zh.md) 或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
 
@@ -19,10 +19,10 @@
 
 Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来对 IKEv2 客户端进行身份验证。该方法无需 IPsec PSK, 用户名或密码。它可以用于以下系统：
 
-- Windows 7, 8.x, 10 和 11
+- Windows 7, 8, 10 和 11
 - OS X (macOS)
 - iOS (iPhone/iPad)
-- Android 4.x 和更新版本（使用 strongSwan VPN 客户端）
+- Android 4 和更新版本（使用 strongSwan VPN 客户端）
 - Linux
 
 在按照本指南操作之后，你将可以选择三种模式中的任意一种连接到 VPN：IKEv2，以及已有的 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式。
@@ -47,14 +47,14 @@ sudo ikev2.sh
 错误："sudo: ikev2.sh: command not found".
 </summary>
 
-如果你使用了较早版本的 VPN 安装脚本，这是正常的。请下载并运行 IKEv2 辅助脚本：
+如果你使用了较早版本的 VPN 安装脚本，这是正常的。首先下载 IKEv2 辅助脚本：
 
-```
-wget https://git.io/ikev2setup -O ~/ikev2.sh
-sudo bash ~/ikev2.sh --auto
+```bash
+wget https://git.io/ikev2setup -O /opt/src/ikev2.sh
+chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin
 ```
 
-**注：** 该脚本必须使用 `bash` 而不是 `sh` 运行。
+然后按照上面的说明运行脚本。
 </details>
 <details>
 <summary>
@@ -63,24 +63,36 @@ sudo bash ~/ikev2.sh --auto
 
 在使用自动模式安装 IKEv2 时，高级用户可以指定一个域名作为 VPN 服务器的地址。这是可选的。该域名必须是一个全称域名(FQDN)，它将被包含在生成的服务器证书中。示例如下：
 
-```
+```bash
 sudo VPN_DNS_NAME='vpn.example.com' ikev2.sh --auto
 ```
 
 类似地，你可以指定第一个 IKEv2 客户端的名称。这是可选的。如果未指定，则使用默认值 `vpnclient`。
 
-```
+```bash
 sudo VPN_CLIENT_NAME='your_client_name' ikev2.sh --auto
 ```
 
 在 VPN 已连接时，IKEv2 客户端默认配置为使用 [Google Public DNS](https://developers.google.com/speed/public-dns/)。在使用自动模式安装 IKEv2 时，你可以指定另外的 DNS 服务器。这是可选的。示例如下：
 
-```
+```bash
 sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 ikev2.sh --auto
 ```
 </details>
 <details>
 <summary>
+了解如何更新服务器上的 IKEv2 辅助脚本。
+</summary>
+
+IKEv2 辅助脚本会不时更新，以进行错误修复和改进（[更新日志](https://github.com/hwdsl2/setup-ipsec-vpn/commits/master/extras/ikev2setup.sh)）。 当有新版本可用时，你可以更新服务器上的 IKEv2 辅助脚本。这是可选的。请注意，这些命令将覆盖任何现有的 `ikev2.sh`。
+
+```bash
+wget https://git.io/ikev2setup -O /opt/src/ikev2.sh
+chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null
+```
+</details>
+<details>
+<summary>
 单击此处查看 IKEv2 脚本的使用信息。
 </summary>
 
@@ -102,26 +114,26 @@ To customize IKEv2 or client options, run this script without arguments.
 
 ## 配置 IKEv2 VPN 客户端
 
-*其他语言版本: [English](ikev2-howto.md#configure-ikev2-vpn-clients), [简体中文](ikev2-howto-zh.md#配置-ikev2-vpn-客户端)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](ikev2-howto.md#configure-ikev2-vpn-clients), [简体中文](ikev2-howto-zh.md#配置-ikev2-vpn-客户端)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **注：** 客户端配置文件的密码可以在 IKEv2 辅助脚本的输出中找到。如果你想要添加或者导出 IKEv2 客户端，只需重新运行[辅助脚本](#使用辅助脚本配置-ikev2)。使用参数 `-h` 显示使用信息。
 
-* [Windows 7, 8.x, 10 和 11](#windows-7-8x-10-和-11)
+* [Windows 7, 8, 10 和 11](#windows-7-8-10-和-11)
 * [OS X (macOS)](#os-x-macos)
 * [iOS (iPhone/iPad)](#ios)
 * [Android](#android)
 * [Linux](#linux)
 
-### Windows 7, 8.x, 10 和 11
+### Windows 7, 8, 10 和 11
 
-Windows 8.x, 10 和 11 用户可以自动导入 IKEv2 配置：
+Windows 8, 10 和 11 用户可以自动导入 IKEv2 配置：
 
 1. 将生成的 `.p12` 文件安全地传送到你的计算机。
 1. 右键单击 [ikev2_config_import.cmd](https://dl.ls20.com/scripts/ikev2_config_import.cmd) 并保存这个辅助脚本到与 `.p12` 文件 **相同的文件夹**。
 1. 右键单击保存的脚本，选择 **属性**。单击对话框下方的 **解除锁定**，然后单击 **确定**。
 1. 右键单击保存的脚本，选择 **以管理员身份运行** 并按提示操作。
 
-或者，你也可以手动导入 IKEv2 配置。这些步骤适用于 Windows 7, 8.x, 10 和 11。
+或者，你也可以手动导入 IKEv2 配置。这些步骤适用于 Windows 7, 8, 10 和 11。
 
 1. 将生成的 `.p12` 文件安全地传送到你的计算机，然后导入到 "计算机账户" 证书存储。要导入 `.p12` 文件，打开 [提升权限命令提示符](http://www.cnblogs.com/xxcanghai/p/4610054.html) 并运行以下命令：
 
@@ -132,7 +144,7 @@ Windows 8.x, 10 和 11 用户可以自动导入 IKEv2 配置：
 
    或者，你也可以手动导入 `.p12` 文件。详细步骤请看 [这里](https://wiki.strongswan.org/projects/strongswan/wiki/Win7Certs)。在导入证书后，你必须确保将客户端证书放在 "个人 -> 证书" 目录中，并且将 CA 证书放在 "受信任的根证书颁发机构 -> 证书" 目录中。
 
-1. 在 Windows 计算机上添加一个新的 IKEv2 VPN 连接。对于 Windows 8.x, 10 和 11，推荐从命令提示符运行以下命令创建 VPN 连接，以达到更佳的安全性和性能。Windows 7 不支持这些命令，你可以手动创建 VPN 连接（见下面）。
+1. 在 Windows 计算机上添加一个新的 IKEv2 VPN 连接。对于 Windows 8, 10 和 11，推荐从命令提示符运行以下命令创建 VPN 连接，以达到更佳的安全性和性能。Windows 7 不支持这些命令，你可以手动创建 VPN 连接（见下面）。
 
    ```console
    # 创建 VPN 连接（将服务器地址换成你自己的值）
@@ -145,7 +157,7 @@ Windows 8.x, 10 和 11 用户可以自动导入 IKEv2 配置：
 
 1. （**此步骤为必须，如果你手动创建了 VPN 连接**）为 IKEv2 启用更强的加密算法，通过修改一次注册表来实现。请下载并导入下面的 `.reg` 文件，或者打开提升权限命令提示符并运行以下命令。更多信息请看 [这里](https://wiki.strongswan.org/projects/strongswan/wiki/WindowsClients#AES-256-CBC-and-MODP2048)。
 
-   - 适用于 Windows 7, 8.x, 10 和 11 ([下载 .reg 文件](https://dl.ls20.com/reg-files/v1/Enable_Stronger_Ciphers_for_IKEv2_on_Windows.reg))
+   - 适用于 Windows 7, 8, 10 和 11 ([下载 .reg 文件](https://dl.ls20.com/reg-files/v1/Enable_Stronger_Ciphers_for_IKEv2_on_Windows.reg))
 
      ```console
      REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters /v NegotiateDH2048_AES256 /t REG_DWORD /d 0x1 /f
@@ -756,7 +768,7 @@ sudo ikev2.sh --revokeclient [client name]
 
 ## 故障排除
 
-*其他语言版本: [English](ikev2-howto.md#troubleshooting), [简体中文](ikev2-howto-zh.md#故障排除)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](ikev2-howto.md#troubleshooting), [简体中文](ikev2-howto-zh.md#故障排除)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 **另见：** [检查日志及 VPN 状态](clients-zh.md#检查日志及-vpn-状态)，[IKEv1 故障排除](clients-zh.md#故障排除) 和 [高级用法](advanced-usage-zh.md)。
 

docs/ikev2-howto.md

@@ -1,6 +1,6 @@
 # Guide: How to Set Up and Use IKEv2 VPN
 
-*Read this in other languages: [English](ikev2-howto.md), [简体中文](ikev2-howto-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](ikev2-howto.md), [简体中文](ikev2-howto-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **Note:** You may also connect using [IPsec/L2TP](clients.md) or [IPsec/XAuth](clients-xauth.md) mode.
 
@@ -19,10 +19,10 @@ Modern operating systems (such as Windows 7 and newer) support the IKEv2 standar
 
 Libreswan can authenticate IKEv2 clients on the basis of X.509 Machine Certificates using RSA signatures. This method does not require an IPsec PSK, username or password. It can be used with:
 
-- Windows 7, 8.x, 10 and 11
+- Windows 7, 8, 10 and 11
 - OS X (macOS)
 - iOS (iPhone/iPad)
-- Android 4.x and newer (using the strongSwan VPN client)
+- Android 4 and newer (using the strongSwan VPN client)
 - Linux
 
 After following this guide, you will be able to connect to the VPN using IKEv2 in addition to the existing [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes.
@@ -47,14 +47,14 @@ When finished, continue to [configure IKEv2 VPN clients](#configure-ikev2-vpn-cl
 Error: "sudo: ikev2.sh: command not found".
 </summary>
 
-This is normal if you used an older version of the VPN setup script. Please download and run the IKEv2 helper script:
+This is normal if you used an older version of the VPN setup script. First, download the IKEv2 helper script:
 
-```
-wget https://git.io/ikev2setup -O ~/ikev2.sh
-sudo bash ~/ikev2.sh --auto
+```bash
+wget https://git.io/ikev2setup -O /opt/src/ikev2.sh
+chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin
 ```
 
-**Note:** The script must be run using `bash`, not `sh`.
+Then run the script using the instructions above.
 </details>
 <details>
 <summary>
@@ -63,24 +63,36 @@ You may optionally specify a DNS name, client name and/or custom DNS servers. Cl
 
 When running IKEv2 setup in auto mode, advanced users can optionally specify a DNS name to be used as the VPN server's address. The DNS name must be a fully qualified domain name (FQDN). It will be included in the generated server certificate. Example:
 
-```
+```bash
 sudo VPN_DNS_NAME='vpn.example.com' ikev2.sh --auto
 ```
 
 Similarly, you may optionally specify a name for the first IKEv2 client. The default is `vpnclient` if not specified.
 
-```
+```bash
 sudo VPN_CLIENT_NAME='your_client_name' ikev2.sh --auto
 ```
 
 By default, IKEv2 clients are set to use [Google Public DNS](https://developers.google.com/speed/public-dns/) when the VPN is active. When running IKEv2 setup in auto mode, you may optionally specify custom DNS server(s). Example:
 
-```
+```bash
 sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 ikev2.sh --auto
 ```
 </details>
 <details>
 <summary>
+Learn how to update the IKEv2 helper script on your server.
+</summary>
+
+The IKEv2 helper script is updated from time to time for bug fixes and improvements ([commit log](https://github.com/hwdsl2/setup-ipsec-vpn/commits/master/extras/ikev2setup.sh)). When a newer version is available, you may optionally update the IKEv2 helper script on your server. Note that these commands will overwrite any existing `ikev2.sh`.
+
+```bash
+wget https://git.io/ikev2setup -O /opt/src/ikev2.sh
+chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null
+```
+</details>
+<details>
+<summary>
 Click here to view usage information for the IKEv2 script.
 </summary>
 
@@ -102,26 +114,26 @@ To customize IKEv2 or client options, run this script without arguments.
 
 ## Configure IKEv2 VPN clients
 
-*Read this in other languages: [English](ikev2-howto.md#configure-ikev2-vpn-clients), [简体中文](ikev2-howto-zh.md#配置-ikev2-vpn-客户端). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](ikev2-howto.md#configure-ikev2-vpn-clients), [简体中文](ikev2-howto-zh.md#配置-ikev2-vpn-客户端). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **Note:** The password for client configuration files can be found in the output of the IKEv2 helper script. If you want to add or export IKEv2 client(s), just run the [helper script](#set-up-ikev2-using-helper-script) again. Use option `-h` to show usage information.
 
-* [Windows 7, 8.x, 10 and 11](#windows-7-8x-10-and-11)
+* [Windows 7, 8, 10 and 11](#windows-7-8-10-and-11)
 * [OS X (macOS)](#os-x-macos)
 * [iOS (iPhone/iPad)](#ios)
 * [Android](#android)
 * [Linux](#linux)
 
-### Windows 7, 8.x, 10 and 11
+### Windows 7, 8, 10 and 11
 
-Windows 8.x, 10 and 11 users can automatically import IKEv2 configuration:
+Windows 8, 10 and 11 users can automatically import IKEv2 configuration:
 
 1. Securely transfer the generated `.p12` file to your computer.
-1. Right-click [ikev2_config_import.cmd](https://dl.ls20.com/scripts/ikev2_config_import.cmd) and save this helper script to the **same folder** as the `.p12` file.
+1. Right-click on [ikev2_config_import.cmd](https://dl.ls20.com/scripts/ikev2_config_import.cmd) and save this helper script to the **same folder** as the `.p12` file.
 1. Right-click on the saved script, select **Properties**. Click on **Unblock** at the bottom, then click on **OK**.
 1. Right-click on the saved script, select **Run as administrator** and follow the prompts.
 
-Alternatively, you may manually import IKEv2 configuration. These steps apply to Windows 7, 8.x, 10 and 11.
+Alternatively, you may manually import IKEv2 configuration. These steps apply to Windows 7, 8, 10 and 11.
 
 1. Securely transfer the generated `.p12` file to your computer, then import it into the "Computer account" certificate store. To import the `.p12` file, run the following from an [elevated command prompt](http://www.winhelponline.com/blog/open-elevated-command-prompt-windows/):
 
@@ -132,7 +144,7 @@ Alternatively, you may manually import IKEv2 configuration. These steps apply to
 
    Alternatively, you can manually import the `.p12` file. Click [here](https://wiki.strongswan.org/projects/strongswan/wiki/Win7Certs) for instructions. Make sure that the client cert is placed in "Personal -> Certificates", and the CA cert is placed in "Trusted Root Certification Authorities -> Certificates".
 
-1. On the Windows computer, add a new IKEv2 VPN connection. For Windows 8.x, 10 and 11, it is recommended to create the VPN connection using the following commands from a command prompt, for improved security and performance. Windows 7 does not support these commands, you may manually create the VPN connection (see below).
+1. On the Windows computer, add a new IKEv2 VPN connection. For Windows 8, 10 and 11, it is recommended to create the VPN connection using the following commands from a command prompt, for improved security and performance. Windows 7 does not support these commands, you may manually create the VPN connection (see below).
 
    ```console
    # Create VPN connection (replace server address with your own value)
@@ -145,7 +157,7 @@ Alternatively, you may manually import IKEv2 configuration. These steps apply to
 
 1. (**This step is required if you manually created the VPN connection**) Enable stronger ciphers for IKEv2 with a one-time registry change. Download and import the `.reg` file below, or run the following from an elevated command prompt. Read more [here](https://wiki.strongswan.org/projects/strongswan/wiki/WindowsClients#AES-256-CBC-and-MODP2048).
 
-   - For Windows 7, 8.x, 10 and 11 ([download .reg file](https://dl.ls20.com/reg-files/v1/Enable_Stronger_Ciphers_for_IKEv2_on_Windows.reg))
+   - For Windows 7, 8, 10 and 11 ([download .reg file](https://dl.ls20.com/reg-files/v1/Enable_Stronger_Ciphers_for_IKEv2_on_Windows.reg))
 
      ```console
      REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters /v NegotiateDH2048_AES256 /t REG_DWORD /d 0x1 /f
@@ -758,7 +770,7 @@ Before continuing, you **must** restart the IPsec service. The IKEv2 setup on th
 
 ## Troubleshooting
 
-*Read this in other languages: [English](ikev2-howto.md#troubleshooting), [简体中文](ikev2-howto-zh.md#故障排除). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](ikev2-howto.md#troubleshooting), [简体中文](ikev2-howto-zh.md#故障排除). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 **See also:** [Check logs and VPN status](clients.md#check-logs-and-vpn-status), [IKEv1 troubleshooting](clients.md#troubleshooting) and [Advanced usage](advanced-usage.md).
 

docs/manage-users-zh.md

@@ -1,6 +1,6 @@
 # 管理 VPN 用户
 
-*其他语言版本: [English](manage-users.md), [简体中文](manage-users-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](manage-users.md), [简体中文](manage-users-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 在默认情况下，将只创建一个用于 VPN 登录的用户账户。如果你需要查看或管理 IPsec/L2TP 和 IPsec/XAuth ("Cisco IPsec") 模式的用户，请阅读本文档。对于 IKEv2，参见 [管理客户端证书](ikev2-howto-zh.md#管理客户端证书)。
 

docs/manage-users.md

@@ -1,6 +1,6 @@
 # Manage VPN Users
 
-*Read this in other languages: [English](manage-users.md), [简体中文](manage-users-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](manage-users.md), [简体中文](manage-users-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 By default, a single user account for VPN login is created. If you wish to view or manage users for the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes, read this document. For IKEv2, see [Manage client certificates](ikev2-howto.md#manage-client-certificates).
 

docs/uninstall-zh.md

@@ -1,6 +1,6 @@
 # 卸载 VPN
 
-*其他语言版本: [English](uninstall.md), [简体中文](uninstall-zh.md)。如果你有改进建议，可以在<a href="https://blog.ls20.com/vpnfeedback" target="_blank">这里</a>提交。*
+*其他语言版本: [English](uninstall.md), [简体中文](uninstall-zh.md)。如果你有改进建议，可以在 [这里](https://blog.ls20.com/vpnfeedback) 提交。*
 
 * [使用辅助脚本卸载 VPN](#使用辅助脚本卸载-vpn)
 * [手动卸载 VPN](#手动卸载-vpn)

docs/uninstall.md

@@ -1,6 +1,6 @@
 # Uninstall the VPN
 
-*Read this in other languages: [English](uninstall.md), [简体中文](uninstall-zh.md). Have a suggestion? <a href="https://blog.ls20.com/vpnfeedback" target="_blank">Submit feedback</a>.*
+*Read this in other languages: [English](uninstall.md), [简体中文](uninstall-zh.md). Have a suggestion? [Send feedback](https://blog.ls20.com/vpnfeedback).*
 
 * [Uninstall using helper script](#uninstall-using-helper-script)
 * [Manually uninstall the VPN](#manually-uninstall-the-vpn)