diff --git a/README-zh.md b/README-zh.md index b6068ba..c26a9c5 100644 --- a/README-zh.md +++ b/README-zh.md @@ -133,28 +133,28 @@ sh vpn.sh
-高级用户可以自定义 IKEv2 选项。 +高级用户可以自定义 IKEv2 选项。这是可选的。 -高级用户可以指定一个域名作为 IKEv2 模式下的 VPN 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN),它将被包含在生成的服务器证书中。示例如下: +高级用户可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下: ```bash sudo VPN_DNS_NAME='vpn.example.com' sh vpn.sh ``` -类似地,你可以指定第一个 IKEv2 客户端的名称。这是可选的。如果未指定,则使用默认值 `vpnclient`。 +类似地,你可以指定第一个 IKEv2 客户端的名称。如果未指定,则使用默认值 `vpnclient`。 ```bash sudo VPN_CLIENT_NAME='your_client_name' sh vpn.sh ``` -在 VPN 已连接时,客户端默认配置为使用 [Google Public DNS](https://developers.google.com/speed/public-dns/)。高级用户可以为所有的 VPN 模式指定另外的 DNS 服务器。这是可选的。示例如下: +在 VPN 已连接时,客户端默认配置为使用 [Google Public DNS](https://developers.google.com/speed/public-dns/)。你可以为所有的 VPN 模式指定另外的 DNS 服务器。示例如下: ```bash sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 sh vpn.sh ``` -默认情况下,导入 IKEv2 客户端配置时不需要密码。你可以选择使用随机密码保护客户端配置文件。这是可选的。示例如下: +默认情况下,导入 IKEv2 客户端配置时不需要密码。你可以选择使用随机密码保护客户端配置文件。示例如下: ```bash sudo VPN_PROTECT_CONFIG=yes sh vpn.sh diff --git a/README.md b/README.md index 5f38c2d..9abfe43 100644 --- a/README.md +++ b/README.md @@ -133,28 +133,28 @@ sh vpn.sh
-Advanced users can customize IKEv2 options. +Advanced users can optionally customize IKEv2 options. -Advanced users can optionally specify a DNS name to be used as the VPN server address for IKEv2 mode. The DNS name must be a fully qualified domain name (FQDN). It will be included in the generated server certificate. Example: +Advanced users can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example: ```bash sudo VPN_DNS_NAME='vpn.example.com' sh vpn.sh ``` -Similarly, you may optionally specify a name for the first IKEv2 client. The default is `vpnclient` if not specified. +Similarly, you may specify a name for the first IKEv2 client. The default is `vpnclient` if not specified. ```bash sudo VPN_CLIENT_NAME='your_client_name' sh vpn.sh ``` -By default, clients are set to use [Google Public DNS](https://developers.google.com/speed/public-dns/) when the VPN is active. Advanced users may optionally specify custom DNS server(s) for all VPN modes. Example: +By default, clients are set to use [Google Public DNS](https://developers.google.com/speed/public-dns/) when the VPN is active. You may specify custom DNS server(s) for all VPN modes. Example: ```bash sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 sh vpn.sh ``` -By default, no password is required when importing IKEv2 client configuration. You may optionally choose to protect client config files using a random password. Example: +By default, no password is required when importing IKEv2 client configuration. You can choose to protect client config files using a random password. Example: ```bash sudo VPN_PROTECT_CONFIG=yes sh vpn.sh diff --git a/docs/advanced-usage-zh.md b/docs/advanced-usage-zh.md index 42f2510..b9fea51 100644 --- a/docs/advanced-usage-zh.md +++ b/docs/advanced-usage-zh.md @@ -28,13 +28,13 @@ sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 sh vpn.sh 对于 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式,你可以在不需要额外配置的情况下使用一个域名(比如 `vpn.example.com`)而不是 IP 地址连接到 VPN 服务器。另外,一般来说,在服务器的 IP 更改后,比如在恢复一个映像到具有不同 IP 的新服务器后,VPN 会继续正常工作,虽然可能需要重启服务器。 -对于 [IKEv2](ikev2-howto-zh.md) 模式,如果你想要 VPN 在服务器的 IP 更改后继续正常工作,参见 [这一小节](ikev2-howto-zh.md#更改-ikev2-服务器地址)。或者,你也可以在 [配置 IKEv2](ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 时指定一个域名作为 VPN 服务器的地址。该域名必须是一个全称域名(FQDN),它将被包含在生成的服务器证书中。示例如下: +对于 [IKEv2](ikev2-howto-zh.md) 模式,如果你想要 VPN 在服务器的 IP 更改后继续正常工作,参见 [这一小节](ikev2-howto-zh.md#更改-ikev2-服务器地址)。或者,你也可以在 [配置 IKEv2](ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 时指定一个域名作为 IKEv2 服务器地址。该域名必须是一个全称域名(FQDN)。示例如下: ``` sudo VPN_DNS_NAME='vpn.example.com' ikev2.sh --auto ``` -另外,你也可以自定义 IKEv2 安装选项,通过在运行 [辅助脚本](ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 时去掉 `--auto` 参数来实现。 +另外,你也可以自定义 IKEv2 选项,通过在运行 [辅助脚本](ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 时去掉 `--auto` 参数来实现。 ## 仅限 IKEv2 的 VPN diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index a3ae5fe..2db9b19 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -28,13 +28,13 @@ In certain circumstances, you may want VPN clients to use the specified DNS serv For [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes, you may use a DNS name (e.g. `vpn.example.com`) instead of an IP address to connect to the VPN server, without additional configuration. In addition, the VPN should generally continue to work after server IP changes, such as after restoring a snapshot to a new server with a different IP, although a reboot may be required. -For [IKEv2](ikev2-howto.md) mode, if you want the VPN to continue to work after server IP changes, read [this section](ikev2-howto.md#change-ikev2-server-address). Alternatively, you may specify a DNS name to be used as the VPN server's address when [setting up IKEv2](ikev2-howto.md#set-up-ikev2-using-helper-script). The DNS name must be a fully qualified domain name (FQDN). It will be included in the generated server certificate. Example: +For [IKEv2](ikev2-howto.md) mode, if you want the VPN to continue to work after server IP changes, read [this section](ikev2-howto.md#change-ikev2-server-address). Alternatively, you may specify a DNS name for the IKEv2 server address when [setting up IKEv2](ikev2-howto.md#set-up-ikev2-using-helper-script). The DNS name must be a fully qualified domain name (FQDN). Example: ``` sudo VPN_DNS_NAME='vpn.example.com' ikev2.sh --auto ``` -Alternatively, you may customize IKEv2 setup options by running the [helper script](ikev2-howto.md#set-up-ikev2-using-helper-script) without the `--auto` parameter. +Alternatively, you may customize IKEv2 options by running the [helper script](ikev2-howto.md#set-up-ikev2-using-helper-script) without the `--auto` parameter. ## IKEv2-only VPN diff --git a/docs/ikev2-howto-zh.md b/docs/ikev2-howto-zh.md index 647e341..a445f2a 100644 --- a/docs/ikev2-howto-zh.md +++ b/docs/ikev2-howto-zh.md @@ -66,25 +66,25 @@ chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 你可以指定一个域名,客户端名称和/或另外的 DNS 服务器。这是可选的。 -在使用自动模式安装 IKEv2 时,高级用户可以指定一个域名作为 VPN 服务器的地址。这是可选的。该域名必须是一个全称域名(FQDN),它将被包含在生成的服务器证书中。示例如下: +在使用自动模式安装 IKEv2 时,高级用户可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下: ```bash sudo VPN_DNS_NAME='vpn.example.com' ikev2.sh --auto ``` -类似地,你可以指定第一个 IKEv2 客户端的名称。这是可选的。如果未指定,则使用默认值 `vpnclient`。 +类似地,你可以指定第一个 IKEv2 客户端的名称。如果未指定,则使用默认值 `vpnclient`。 ```bash sudo VPN_CLIENT_NAME='your_client_name' ikev2.sh --auto ``` -在 VPN 已连接时,IKEv2 客户端默认配置为使用 [Google Public DNS](https://developers.google.com/speed/public-dns/)。在使用自动模式安装 IKEv2 时,你可以指定另外的 DNS 服务器。这是可选的。示例如下: +在 VPN 已连接时,IKEv2 客户端默认配置为使用 [Google Public DNS](https://developers.google.com/speed/public-dns/)。你可以为 IKEv2 指定另外的 DNS 服务器。示例如下: ```bash sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 ikev2.sh --auto ``` -默认情况下,导入 IKEv2 客户端配置时不需要密码。你可以选择使用随机密码保护客户端配置文件。这是可选的。示例如下: +默认情况下,导入 IKEv2 客户端配置时不需要密码。你可以选择使用随机密码保护客户端配置文件。示例如下: ```bash sudo VPN_PROTECT_CONFIG=yes ikev2.sh --auto @@ -919,6 +919,8 @@ chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null sudo ikev2.sh --removeikev2 ``` +在移除 IKEv2 之后,如果你想要重新配置 IKEv2,参见 [这一小节](#使用辅助脚本配置-ikev2)。 +
另外,你也可以手动移除 IKEv2。点这里查看步骤。 diff --git a/docs/ikev2-howto.md b/docs/ikev2-howto.md index abc4590..505da12 100644 --- a/docs/ikev2-howto.md +++ b/docs/ikev2-howto.md @@ -66,25 +66,25 @@ Then run the script using the instructions above. You may optionally specify a DNS name, client name and/or custom DNS servers. -When running IKEv2 setup in auto mode, advanced users can optionally specify a DNS name to be used as the VPN server's address. The DNS name must be a fully qualified domain name (FQDN). It will be included in the generated server certificate. Example: +When running IKEv2 setup in auto mode, advanced users can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example: ```bash sudo VPN_DNS_NAME='vpn.example.com' ikev2.sh --auto ``` -Similarly, you may optionally specify a name for the first IKEv2 client. The default is `vpnclient` if not specified. +Similarly, you may specify a name for the first IKEv2 client. The default is `vpnclient` if not specified. ```bash sudo VPN_CLIENT_NAME='your_client_name' ikev2.sh --auto ``` -By default, IKEv2 clients are set to use [Google Public DNS](https://developers.google.com/speed/public-dns/) when the VPN is active. When running IKEv2 setup in auto mode, you may optionally specify custom DNS server(s). Example: +By default, IKEv2 clients are set to use [Google Public DNS](https://developers.google.com/speed/public-dns/) when the VPN is active. You may specify custom DNS server(s) for IKEv2. Example: ```bash sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 ikev2.sh --auto ``` -By default, no password is required when importing IKEv2 client configuration. You may optionally choose to protect client config files using a random password. Example: +By default, no password is required when importing IKEv2 client configuration. You can choose to protect client config files using a random password. Example: ```bash sudo VPN_PROTECT_CONFIG=yes ikev2.sh --auto @@ -921,6 +921,8 @@ If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clien sudo ikev2.sh --removeikev2 ``` +After removing IKEv2, if you want to set it up again, refer to [this section](#set-up-ikev2-using-helper-script). +
Alternatively, you can manually remove IKEv2. Click here for instructions.