From 1093b03dc7880e0e4d5009ad725db597df487c76 Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Wed, 5 Jun 2024 23:20:24 -0500 Subject: [PATCH] Update docs - Remove CentOS Stream 8, which reached EOL after May 31, 2024. - In advanced usage, add a note on how to set different DNS server(s) for specific IKEv2 client(s). --- README-zh.md | 2 +- README.md | 2 +- docs/advanced-usage-zh.md | 2 ++ docs/advanced-usage.md | 2 ++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/README-zh.md b/README-zh.md index c8ba35b..323e5f6 100644 --- a/README-zh.md +++ b/README-zh.md @@ -74,7 +74,7 @@ https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh - Ubuntu 24.04, 22.04 或者 20.04 - Debian 12, 11 或者 10 -- CentOS 7 或者 CentOS Stream 9/8 +- CentOS 7 或者 CentOS Stream 9 - Rocky Linux 或者 AlmaLinux 9/8 - Oracle Linux 9, 8 或者 7 - Amazon Linux 2 diff --git a/README.md b/README.md index 12ce70a..775d13d 100644 --- a/README.md +++ b/README.md @@ -74,7 +74,7 @@ A cloud server, virtual private server (VPS) or dedicated server, with an instal - Ubuntu 24.04, 22.04 or 20.04 - Debian 12, 11 or 10 -- CentOS 7 or CentOS Stream 9/8 +- CentOS 7 or CentOS Stream 9 - Rocky Linux or AlmaLinux 9/8 - Oracle Linux 9, 8 or 7 - Amazon Linux 2 diff --git a/docs/advanced-usage-zh.md b/docs/advanced-usage-zh.md index 8d2f387..42714bb 100644 --- a/docs/advanced-usage-zh.md +++ b/docs/advanced-usage-zh.md @@ -33,6 +33,8 @@ 高级用户可以在运行 VPN 安装脚本时定义 `VPN_DNS_SRV1` 和 `VPN_DNS_SRV2`(可选)。有关更多详细信息,请参见[自定义 VPN 选项](../README-zh.md#自定义-vpn-选项)。 +你可以为特定的 IKEv2 客户端设置不同的 DNS 服务器。对于此用例,请参见 [#1562](https://github.com/hwdsl2/setup-ipsec-vpn/issues/1562#issuecomment-2151361658)。 + 在某些情况下,你可能希望 VPN 客户端仅使用指定的 DNS 服务器来解析内部域名,并使用其本地配置的 DNS 服务器来解析所有其他域名。这可以使用 `modecfgdomains` 选项进行配置,例如 `modecfgdomains="internal.example.com, home"`。对于 IKEv2,将此选项添加到 `/etc/ipsec.d/ikev2.conf` 中的 `conn ikev2-cp` 小节。对于 IPsec/XAuth ("Cisco IPsec"),将此选项添加到 `/etc/ipsec.conf` 中的 `conn xauth-psk` 小节。然后运行 `service ipsec restart`。IPsec/L2TP 模式不支持此选项。 ## 域名和更改服务器 IP diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 99a818b..7c43e85 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -33,6 +33,8 @@ Below is a list of some popular public DNS providers for your reference. Advanced users can define `VPN_DNS_SRV1` and optionally `VPN_DNS_SRV2` when running the VPN setup script. For more details, see [Customize VPN options](../README.md#customize-vpn-options). +It is possible to set different DNS server(s) for specific IKEv2 client(s). For this use case, please refer to [#1562](https://github.com/hwdsl2/setup-ipsec-vpn/issues/1562#issuecomment-2151361658). + In certain circumstances, you may want VPN clients to use the specified DNS server(s) only for resolving internal domain name(s), and use their locally configured DNS servers to resolve all other domain names. This can be configured using the `modecfgdomains` option, e.g. `modecfgdomains="internal.example.com, home"`. Add this option to section `conn ikev2-cp` in `/etc/ipsec.d/ikev2.conf` for IKEv2, and to section `conn xauth-psk` in `/etc/ipsec.conf` for IPsec/XAuth ("Cisco IPsec"). Then run `service ipsec restart`. IPsec/L2TP mode does not support this option. ## DNS name and server IP changes