1
0
mirror of synced 2024-11-29 16:16:03 +03:00

Improve docs for Windows clients

[ci skip]
This commit is contained in:
hwdsl2 2016-05-31 15:40:22 -05:00
parent 2cf4899e72
commit 003ccc4445
6 changed files with 66 additions and 18 deletions

View File

@ -103,7 +103,7 @@ sudo sh vpnsetup_centos.sh
## 重要提示 ## 重要提示
**Windows 用户** 在首次连接之前需要<a href="docs/clients-zh.md#regkey" target="_blank">修改一次注册表</a>,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外如果遇到 `Error 628` ,请打开 VPN 连接属性的<a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues/7#issuecomment-210084875" target="_blank">"安全"选项卡</a>,启用 `CHAP` 选项并禁用 `MS-CHAP v2` **Windows 用户** 在首次连接之前需要<a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">修改一次注册表</a>,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外如果遇到 `Error 628` ,请打开 VPN 连接属性的"安全"选项卡,并确保<a href="https://cloud.githubusercontent.com/assets/5704064/14538812/96b4f930-024b-11e6-9d81-fa3d3db1ce33.png" target="_blank">仅选中 "CHAP" 选项</a>
**Android 6 (Marshmallow) 用户** 请参考此文档中的注释: <a href="docs/clients-zh.md#android" target="_blank">配置 IPsec/L2TP VPN 客户端</a> **Android 6 (Marshmallow) 用户** 请参考此文档中的注释: <a href="docs/clients-zh.md#android" target="_blank">配置 IPsec/L2TP VPN 客户端</a>

View File

@ -103,7 +103,7 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
## Important Notes ## Important Notes
For **Windows users**, a <a href="docs/clients.md#regkey" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router). Also, if you see `Error 628`, go to <a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues/7#issuecomment-210084875" target="_blank">the "Security" tab</a> of VPN connection properties, enable `CHAP` and disable `MS-CHAP v2`. For **Windows users**, a <a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router). Also, if you see `Error 628`, go to the "Security" tab of VPN connection properties and make sure <a href="https://cloud.githubusercontent.com/assets/5704064/14538812/96b4f930-024b-11e6-9d81-fa3d3db1ce33.png" target="_blank">only "CHAP" is selected</a>.
**Android 6 (Marshmallow) users** Please see notes in <a href="docs/clients.md#android" target="_blank">Configure IPsec/L2TP VPN Clients</a>. **Android 6 (Marshmallow) users** Please see notes in <a href="docs/clients.md#android" target="_blank">Configure IPsec/L2TP VPN Clients</a>.

View File

@ -6,7 +6,7 @@
在成功<a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">搭建自己的VPN服务器</a>之后你可以按照下面的步骤来配置你的设备。IPsec/XAuth 在 Android, iOS 和 OS X 上均受支持无需安装额外的软件。Windows 用户可以使用免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft 客户端</a>。如果无法连接,请首先检查是否输入了正确的用户名和密码。 在成功<a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">搭建自己的VPN服务器</a>之后你可以按照下面的步骤来配置你的设备。IPsec/XAuth 在 Android, iOS 和 OS X 上均受支持无需安装额外的软件。Windows 用户可以使用免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft 客户端</a>。如果无法连接,请首先检查是否输入了正确的用户名和密码。
`IPsec/XAuth` 模式也称为 `Cisco IPsec`。和 `IPsec/L2TP` 相比较,它通常能够更快速和更高效地传输数据。 `IPsec/XAuth` 模式也称为 `Cisco IPsec`。和 `IPsec/L2TP` 相比较,它通常能够更高效地传输数据。
--- ---
* 平台名称 * 平台名称
@ -17,7 +17,7 @@
### Windows ### ### Windows ###
注: 你也可以使用 [IPsec/L2TP 模式](clients-zh.md) 连接,无需安装额外的软件。 **注:** 你也可以使用 [IPsec/L2TP 模式](clients-zh.md) 连接,无需安装额外的软件。
1. 下载并安装免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft VPN 客户端</a> 1. 下载并安装免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft VPN 客户端</a>
1. 单击开始菜单 -> 所有程序 -> ShrewSoft VPN Client -> VPN Access Manager 1. 单击开始菜单 -> 所有程序 -> ShrewSoft VPN Client -> VPN Access Manager

View File

@ -17,7 +17,7 @@ After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">settin
### Windows ### ### Windows ###
Note: You may also connect using [IPsec/L2TP mode](clients.md). No additional software is required. **Note:** You can also connect using [IPsec/L2TP mode](clients.md). No additional software is required.
1. Download and install the free <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft VPN client</a>. 1. Download and install the free <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft VPN client</a>.
1. Click Start Menu -> All Programs -> ShrewSoft VPN Client -> VPN Access Manager 1. Click Start Menu -> All Programs -> ShrewSoft VPN Client -> VPN Access Manager
@ -100,7 +100,7 @@ Once connected, you will see a VPN icon in the notification bar. You can verify
Once connected, you will see a VPN icon in the status bar. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`". Once connected, you will see a VPN icon in the status bar. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`".
## Acknowledgement ## Credits
This document was adapted from the <a href="https://github.com/jlund/streisand" target="_blank">Streisand</a> project by Joshua Lund and contributors. This document was adapted from the <a href="https://github.com/jlund/streisand" target="_blank">Streisand</a> project by Joshua Lund and contributors.

View File

@ -15,11 +15,34 @@
* [Chromebook](#chromebook) * [Chromebook](#chromebook)
### Windows ### ### Windows ###
**Windows 10 and 8.x:**
1. 右键单击系统托盘中的无线/网络图标。
1. 选择 **打开网络与共享中心**
1. 单击 **设置新的连接或网络**
1. 选择 **连接到工作区**,然后单击 **下一步**
1. 单击 **使用我的Internet连接 (VPN)**
1. 在 **Internet地址** 字段中输入`你的 VPN 服务器 IP`。
1. 在 **目标名称** 字段中输入任意内容。单击 **创建**
1. 右键单击系统托盘中的无线/网络图标,选择 **打开网络与共享中心**
1. 单击左侧的 **更改适配器设置**。右键单击新的 VPN 连接,并选择 **属性**
1. 单击 **安全** 选项卡,从 **VPN 类型** 下拉菜单中选择 "使用 IPsec 的第 2 层隧道协议 (L2TP/IPSec)"。
1. 单击 **允许使用这些协议**。选中 "质询握手身份验证协议 (CHAP)" 复选框,并且取消选中其它项。
1. 单击 **高级设置** 按钮。
1. 单击 **使用预共享密钥作身份验证** 并在 **密钥** 字段中输入`你的 VPN IPsec PSK`。
1. 单击 **确定** 关闭 **高级设置**
1. 单击 **确定** 保存 VPN 连接的详细信息。
**注:** 在首次连接之前需要修改一次注册表。请参见下面的说明。
**Windows 7, Vista and XP:**
1. 单击开始菜单,选择控制面板。 1. 单击开始菜单,选择控制面板。
1. 进入 **网络和Internet** 部分。 1. 进入 **网络和Internet** 部分。
1. 单击 **网络与共享中心** 1. 单击 **网络与共享中心**
1. 单击 **设置新的连接或网络** 1. 单击 **设置新的连接或网络**
1. 选择 **连接到工作区**,然后单击**下一步**。 1. 选择 **连接到工作区**,然后单击 **下一步**
1. 单击 **使用我的Internet连接 (VPN)** 1. 单击 **使用我的Internet连接 (VPN)**
1. 在 **Internet地址** 字段中输入`你的 VPN 服务器 IP`。 1. 在 **Internet地址** 字段中输入`你的 VPN 服务器 IP`。
1. 在 **目标名称** 字段中输入任意内容。 1. 在 **目标名称** 字段中输入任意内容。
@ -28,18 +51,19 @@
1. 在 **用户名** 字段中输入`你的 VPN 用户名`。 1. 在 **用户名** 字段中输入`你的 VPN 用户名`。
1. 在 **密码** 字段中输入`你的 VPN 密码`。 1. 在 **密码** 字段中输入`你的 VPN 密码`。
1. 选中 **记住此密码** 复选框。 1. 选中 **记住此密码** 复选框。
1. 单击 **连接**,然后单击 **关闭** 按钮。 1. 单击 **创建**,然后单击 **关闭** 按钮。
1. 返回到控制面板中的 **网络和Internet** 部分,然后单击 **连接到网络** 选项 1. 右键单击系统托盘中的无线/网络图标,选择 **打开网络与共享中心**
1. 右键单击新的VPN连接并选择 **属性** 1. 单击左侧的 **更改适配器设置**右键单击新的 VPN 连接,并选择 **属性**
1. 单击 **选项** 选项卡,取消选中 **包含Windows登录域** 复选框。 1. 单击 **选项** 选项卡,取消选中 **包含Windows登录域** 复选框。
1. 单击 **安全** 选项卡,从 **VPN 类型** 下拉菜单中选择 **使用 IPsec 的第 2 层隧道协议 (L2TP/IPSec)**。在 **允许使用这些协议** 下,选中 `CHAP` 复选框,并且取消选中 `MS-CHAP v2` 1. 单击 **安全** 选项卡,从 **VPN 类型** 下拉菜单中选择 "使用 IPsec 的第 2 层隧道协议 (L2TP/IPSec)"。
1. 单击 **允许使用这些协议**。选中 "质询握手身份验证协议 (CHAP)" 复选框,并且取消选中其它项。
1. 单击 **高级设置** 按钮。 1. 单击 **高级设置** 按钮。
1. 单击 **使用预共享密钥作身份验证** 并在 **密钥** 字段中输入`你的 VPN IPsec PSK`。 1. 单击 **使用预共享密钥作身份验证** 并在 **密钥** 字段中输入`你的 VPN IPsec PSK`。
1. 单击 **确定** 关闭 **高级设置** 1. 单击 **确定** 关闭 **高级设置**
1. 单击 **确定** 保存 VPN 连接的详细信息。 1. 单击 **确定** 保存 VPN 连接的详细信息。
<a id="regkey"></a> <a id="regkey"></a>
要连接到 VPN,只需在系统托盘中的无线/网络图标上单击右键,选择新的 VPN 连接,然后单击 **连接**。最后你可以到<a href="https://www.whatismyip.com" target="_blank">这里</a>检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。 要连接到 VPN 单击系统托盘中的无线/网络图标,选择新的 VPN 连接,然后单击 **连接**。如果出现提示,在登录窗口中输入 `你的 VPN 用户名``密码` ,并单击 **确定**。最后你可以到<a href="https://www.whatismyip.com" target="_blank">这里</a>检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
**注:** 在首次连接之前需要<a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">修改一次注册表</a>,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。请参照链接文章中的说明,或者打开<a href="http://windows.microsoft.com/zh-cn/windows/command-prompt-faq#1TC=windows-7" target="_blank">提升权限命令提示符</a>并运行以下命令。完成后必须重新启动计算机。 **注:** 在首次连接之前需要<a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">修改一次注册表</a>,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。请参照链接文章中的说明,或者打开<a href="http://windows.microsoft.com/zh-cn/windows/command-prompt-faq#1TC=windows-7" target="_blank">提升权限命令提示符</a>并运行以下命令。完成后必须重新启动计算机。
- 适用于 Windows Vista 及以上版本 - 适用于 Windows Vista 及以上版本

View File

@ -15,6 +15,29 @@ After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">settin
* [Chromebook](#chromebook) * [Chromebook](#chromebook)
### Windows ### ### Windows ###
**Windows 10 and 8.x:**
1. Right-click on the wireless/network icon in your system tray.
1. Select **Open Network and Sharing Center**.
1. Click **Set up a new connection or network**.
1. Select **Connect to a workplace** and click **Next**.
1. Click **Use my Internet connection (VPN)**.
1. Enter `Your VPN Server IP` in the **Internet address** field.
1. Enter anything you like in the **Destination name** field, and then click **Create**.
1. Right-click on the wireless/network icon in your system tray, select **Open Network and Sharing Center**.
1. On the left, click **Change adapter settings**. Right-click on the new VPN entry and choose **Properties**.
1. Click the **Security** tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the **Type of VPN**.
1. Click **Allow these protocols**. Select "Challenge Handshake Authentication Protocol (CHAP)" and deselect others.
1. Click the **Advanced settings** button.
1. Select **Use preshared key for authentication** and enter `Your VPN IPsec PSK` for the **Key**.
1. Click **OK** to close the **Advanced settings**.
1. Click **OK** to save the VPN connection details.
**Note:** A one-time registry change is required before connecting. See notes below.
**Windows 7, Vista and XP:**
1. Click on the Start Menu and go to the Control Panel. 1. Click on the Start Menu and go to the Control Panel.
1. Go to the **Network and Internet** section. 1. Go to the **Network and Internet** section.
1. Click **Network and Sharing Center**. 1. Click **Network and Sharing Center**.
@ -28,18 +51,19 @@ After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">settin
1. Enter `Your VPN Username` in the **User name** field. 1. Enter `Your VPN Username` in the **User name** field.
1. Enter `Your VPN Password` in the **Password** field. 1. Enter `Your VPN Password` in the **Password** field.
1. Check the **Remember this password** checkbox. 1. Check the **Remember this password** checkbox.
1. Click **Connect**, then click the **Close** button. 1. Click **Create**, and then **Close**.
1. Return to the Control Panel's **Network and Internet** section and click on the **Connect to a network** option. 1. Right-click on the wireless/network icon in your system tray, select **Open Network and Sharing Center**.
1. Right-click on the new VPN connection and choose **Properties**. 1. On the left, click **Change adapter settings**. Right-click on the new VPN entry and choose **Properties**.
1. Click the **Options** tab and uncheck **Include Windows logon domain**. 1. Click the **Options** tab and uncheck **Include Windows logon domain**.
1. Click the **Security** tab and select **Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)** from the **Type of VPN** drop-down menu. Under "Allow these protocols", select the `CHAP` checkbox, and de-select `MS-CHAP v2`. 1. Click the **Security** tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the **Type of VPN**.
1. Click **Allow these protocols**. Select "Challenge Handshake Authentication Protocol (CHAP)" and deselect others.
1. Click the **Advanced settings** button. 1. Click the **Advanced settings** button.
1. Select **Use preshared key for authentication** and enter `Your VPN IPsec PSK` for the **Key**. 1. Select **Use preshared key for authentication** and enter `Your VPN IPsec PSK` for the **Key**.
1. Click **OK** to close the **Advanced settings**. 1. Click **OK** to close the **Advanced settings**.
1. Click **OK** to save the VPN connection details. 1. Click **OK** to save the VPN connection details.
<a id="regkey"></a> <a id="regkey"></a>
To connect to the VPN, simply right-click on the wireless/network icon in your system tray, select the new VPN connection, and click **Connect**. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`". To connect to the VPN: Click on the wireless/network icon in your system tray, select the new VPN entry, and click **Connect**. If prompted, enter `Your VPN Username` and `Password`, then click **OK**. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`".
**Note:** A <a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router). Please refer to the linked page, or run the following from an <a href="http://windows.microsoft.com/en-us/windows/command-prompt-faq#1TC=windows-7" target="_blank">elevated command prompt</a>. You must reboot your computer when done. **Note:** A <a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router). Please refer to the linked page, or run the following from an <a href="http://windows.microsoft.com/en-us/windows/command-prompt-faq#1TC=windows-7" target="_blank">elevated command prompt</a>. You must reboot your computer when done.
- For Windows Vista and newer - For Windows Vista and newer
@ -123,7 +147,7 @@ Once connected, you will see a VPN icon in the status bar. You can verify that y
Once connected, you will see a VPN icon overlay on the network status icon. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`". Once connected, you will see a VPN icon overlay on the network status icon. You can verify that your traffic is being routed properly by <a href="https://encrypted.google.com/search?q=my+ip" target="_blank">looking up your IP address on Google</a>. It should say "Your public IP address is `Your VPN Server IP`".
## Acknowledgement ## Credits
This document was adapted from the <a href="https://github.com/jlund/streisand" target="_blank">Streisand</a> project by Joshua Lund and contributors. This document was adapted from the <a href="https://github.com/jlund/streisand" target="_blank">Streisand</a> project by Joshua Lund and contributors.