From 0442d25217b74dcb9e7804ee2d2f4b668b2cd8b0 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Sun, 21 Oct 2018 20:25:34 -0500
Subject: [PATCH] Update IKEv2 docs

---
 docs/ikev2-howto-zh.md | 8 +++++---
 docs/ikev2-howto.md    | 8 +++++---
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/docs/ikev2-howto-zh.md b/docs/ikev2-howto-zh.md
index 2f87c9b..0260b19 100644
--- a/docs/ikev2-howto-zh.md
+++ b/docs/ikev2-howto-zh.md
@@ -25,7 +25,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
 
    ```bash
    $ PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com)
-   $ printf '%s' "$PUBLIC_IP"
+   $ printf '%s\n' "$PUBLIC_IP"
    (检查显示的公共 IP)
    ```
 
@@ -98,7 +98,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
 
 1. 生成 Certificate Authority (CA) 和 VPN 服务器证书:
 
-   **注:** 使用 "-v" 参数指定证书的有效期(单位:月),例如 "-v 36"。另外,如果你在上面的第一步使用了服务器的域名而不是 IP 地址,则需要将以下命令中的 `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` 换成 `--extSAN "dns:$PUBLIC_IP"`。
+   **注:** 使用 "-v" 参数指定证书的有效期(单位:月),例如 "-v 36"。
 
    ```bash
    $ certutil -z <(head -c 1024 /dev/urandom) \
@@ -118,6 +118,8 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
    N
    ```
 
+   **注:** 如果你在上面的第一步指定了服务器的域名(而不是 IP 地址),则必须将以下命令中的 `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` 换成 `--extSAN "dns:$PUBLIC_IP"`。
+
    ```bash
    $ certutil -z <(head -c 1024 /dev/urandom) \
      -S -c "IKEv2 VPN CA" -n "$PUBLIC_IP" \
@@ -192,7 +194,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
    $ service ipsec restart
    ```
 
-1. 按照你的操作系统对应的步骤操作。请注意,如果你在上面的第一步指定了服务器的域名,则需要在 **服务器地址** 和 **远程 ID** 字段中输入该域名而不是 IP 地址。
+1. 按照下面你的操作系统对应的步骤操作。**注:** 如果你在上面的第一步指定了服务器的域名(而不是 IP 地址),则必须在 **服务器地址** 和 **远程 ID** 字段中输入该域名。
 
    #### Windows 7, 8.x 和 10
 
diff --git a/docs/ikev2-howto.md b/docs/ikev2-howto.md
index 8550699..7fa6da1 100644
--- a/docs/ikev2-howto.md
+++ b/docs/ikev2-howto.md
@@ -25,7 +25,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h
 
    ```bash
    $ PUBLIC_IP=$(wget -t 3 -T 15 -qO- http://ipv4.icanhazip.com)
-   $ printf '%s' "$PUBLIC_IP"
+   $ printf '%s\n' "$PUBLIC_IP"
    (Check the displayed public IP)
    ```
 
@@ -98,7 +98,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h
 
 1. Generate Certificate Authority (CA) and VPN server certificates:
 
-   **Note:** Specify the certificate validity period (in months) with "-v". e.g. "-v 36". Also, if you used the server's DNS name instead of its IP address in step 1 above, replace `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` in the command below with `--extSAN "dns:$PUBLIC_IP"`.
+   **Note:** Specify the certificate validity period (in months) with "-v". e.g. "-v 36".
 
    ```bash
    $ certutil -z <(head -c 1024 /dev/urandom) \
@@ -118,6 +118,8 @@ Before continuing, make sure you have successfully <a href="https://github.com/h
    N
    ```
 
+   **Note:** If you specified the server's DNS name (instead of its IP address) in step 1 above, you must replace `--extSAN "ip:$PUBLIC_IP,dns:$PUBLIC_IP"` in the command below with `--extSAN "dns:$PUBLIC_IP"`.
+
    ```bash
    $ certutil -z <(head -c 1024 /dev/urandom) \
      -S -c "IKEv2 VPN CA" -n "$PUBLIC_IP" \
@@ -192,7 +194,7 @@ Before continuing, make sure you have successfully <a href="https://github.com/h
    $ service ipsec restart
    ```
 
-1. Follow instructions for your operating system. Note that if you specified your server's DNS name in step 1 above, enter the DNS name instead of IP address in the **Server** and **Remote ID** fields.
+1. Follow instructions below for your operating system. **Note:** If you specified the server's DNS name (instead of its IP address) in step 1 above, you must enter the DNS name in the **Server** and **Remote ID** fields.
 
    #### Windows 7, 8.x and 10