From 0442d25217b74dcb9e7804ee2d2f4b668b2cd8b0 Mon Sep 17 00:00:00 2001 From: hwdsl2 <hwdsl2@users.noreply.github.com> Date: Sun, 21 Oct 2018 20:25:34 -0500 Subject: [PATCH] Update IKEv2 docs --- docs/ikev2-howto-zh.md | 8 +++++--- docs/ikev2-howto.md | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/docs/ikev2-howto-zh.md b/docs/ikev2-howto-zh.md index 2f87c9b..0260b19 100644 --- a/docs/ikev2-howto-zh.md +++ b/docs/ikev2-howto-zh.md @@ -25,7 +25,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来 ```bash $ PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) - $ printf '%s' "$PUBLIC_IP" + $ printf '%s\n' "$PUBLIC_IP" (检查显示的公共 IP) ``` @@ -98,7 +98,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来 1. 生成 Certificate Authority (CA) 和 VPN 服务器证书: - **注:** 使用 "-v" 参数指定证书的有效期(单位:月),例如 "-v 36"。另外,如果你在上面的第一步使用了服务器的域名而不是 IP 地址,则需要将以下命令中的 `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` 换成 `--extSAN "dns:$PUBLIC_IP"`。 + **注:** 使用 "-v" 参数指定证书的有效期(单位:月),例如 "-v 36"。 ```bash $ certutil -z <(head -c 1024 /dev/urandom) \ @@ -118,6 +118,8 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来 N ``` + **注:** 如果你在上面的第一步指定了服务器的域名(而不是 IP 地址),则必须将以下命令中的 `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` 换成 `--extSAN "dns:$PUBLIC_IP"`。 + ```bash $ certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "$PUBLIC_IP" \ @@ -192,7 +194,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来 $ service ipsec restart ``` -1. 按照你的操作系统对应的步骤操作。请注意,如果你在上面的第一步指定了服务器的域名,则需要在 **服务器地址** 和 **远程 ID** 字段中输入该域名而不是 IP 地址。 +1. 按照下面你的操作系统对应的步骤操作。**注:** 如果你在上面的第一步指定了服务器的域名(而不是 IP 地址),则必须在 **服务器地址** 和 **远程 ID** 字段中输入该域名。 #### Windows 7, 8.x 和 10 diff --git a/docs/ikev2-howto.md b/docs/ikev2-howto.md index 8550699..7fa6da1 100644 --- a/docs/ikev2-howto.md +++ b/docs/ikev2-howto.md @@ -25,7 +25,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h ```bash $ PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com) - $ printf '%s' "$PUBLIC_IP" + $ printf '%s\n' "$PUBLIC_IP" (Check the displayed public IP) ``` @@ -98,7 +98,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h 1. Generate Certificate Authority (CA) and VPN server certificates: - **Note:** Specify the certificate validity period (in months) with "-v". e.g. "-v 36". Also, if you used the server's DNS name instead of its IP address in step 1 above, replace `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` in the command below with `--extSAN "dns:$PUBLIC_IP"`. + **Note:** Specify the certificate validity period (in months) with "-v". e.g. "-v 36". ```bash $ certutil -z <(head -c 1024 /dev/urandom) \ @@ -118,6 +118,8 @@ Before continuing, make sure you have successfully <a href="https://github.com/h N ``` + **Note:** If you specified the server's DNS name (instead of its IP address) in step 1 above, you must replace `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` in the command below with `--extSAN "dns:$PUBLIC_IP"`. + ```bash $ certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "$PUBLIC_IP" \ @@ -192,7 +194,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h $ service ipsec restart ``` -1. Follow instructions for your operating system. Note that if you specified your server's DNS name in step 1 above, enter the DNS name instead of IP address in the **Server** and **Remote ID** fields. +1. Follow instructions below for your operating system. **Note:** If you specified the server's DNS name (instead of its IP address) in step 1 above, you must enter the DNS name in the **Server** and **Remote ID** fields. #### Windows 7, 8.x and 10