diff --git a/README-zh.md b/README-zh.md
index 6c15e3c..17ea346 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -130,7 +130,33 @@ sh vpn.sh
-可选:在安装 VPN 时自定义 IKEv2 选项。
+如果无法下载,请点这里。
+
+
+你也可以使用 `curl` 下载。例如:
+
+```bash
+curl -fL https://get.vpnsetup.net -o vpn.sh
+sudo sh vpn.sh
+```
+
+或者,你也可以使用这些链接:
+
+```bash
+https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
+https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
+```
+
+如果无法下载,打开 [vpnsetup.sh](vpnsetup.sh),然后点击右边的 `Raw` 按钮。按快捷键 `Ctrl/Cmd+A` 全选,`Ctrl/Cmd+C` 复制,然后粘贴到你喜欢的编辑器。
+
+
+#### 可选:在安装 VPN 时自定义 IKEv2 选项。
+
+在安装 VPN 时,你可以自定义 IKEv2 选项。这是可选的。
+
+
+
+选项 1: 使用环境变量自定义 IKEv2 选项。
在安装 VPN 时,你可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下:
@@ -159,24 +185,24 @@ sudo VPN_PROTECT_CONFIG=yes sh vpn.sh
-如果无法下载,请点这里。
+选项 2: 在安装 VPN 时跳过 IKEv2,然后使用自定义选项配置 IKEv2。
-你也可以使用 `curl` 下载。例如:
+在安装 VPN 时,你可以跳过 IKEv2,仅安装 IPsec/L2TP 和 IPsec/XAuth ("Cisco IPsec") 模式:
```bash
-curl -fL https://get.vpnsetup.net -o vpn.sh
-sudo sh vpn.sh
+sudo VPN_SKIP_IKEV2=yes sh vpn.sh
```
-或者,你也可以使用这些链接:
+(可选)如需指定另外的 DNS 服务器,请参见上面的选项 1。
+
+然后运行 IKEv2 [辅助脚本](docs/ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 使用自定义选项以交互方式配置 IKEv2:
```bash
-https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
-https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
+sudo ikev2.sh
```
-如果无法下载,打开 [vpnsetup.sh](vpnsetup.sh),然后点击右边的 `Raw` 按钮。按快捷键 `Ctrl/Cmd+A` 全选,`Ctrl/Cmd+C` 复制,然后粘贴到你喜欢的编辑器。
+**注:** 如果服务器上已经配置了 IKEv2,则 `VPN_SKIP_IKEV2` 变量无效。在这种情况下,如需自定义 IKEv2 选项,你可以首先 [移除 IKEv2](docs/ikev2-howto-zh.md#移除-ikev2),然后运行 `sudo ikev2.sh` 重新配置。
## 下一步
diff --git a/README.md b/README.md
index eedfd59..aa31c15 100644
--- a/README.md
+++ b/README.md
@@ -130,7 +130,33 @@ After setup, you may optionally install [WireGuard](https://github.com/hwdsl2/wi
-Optional: Customize IKEv2 options during VPN setup.
+Click here if you are unable to download.
+
+
+You may also use `curl` to download. For example:
+
+```bash
+curl -fL https://get.vpnsetup.net -o vpn.sh
+sudo sh vpn.sh
+```
+
+Alternative setup URLs:
+
+```bash
+https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
+https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
+```
+
+If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `Raw` button on the right. Press `Ctrl/Cmd+A` to select all, `Ctrl/Cmd+C` to copy, then paste into your favorite editor.
+
+
+#### Optional: Customize IKEv2 options during VPN setup.
+
+When installing the VPN, you can optionally customize IKEv2 options.
+
+
+
+Option 1: Customize IKEv2 options using environment variables.
When installing the VPN, you can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example:
@@ -159,24 +185,24 @@ sudo VPN_PROTECT_CONFIG=yes sh vpn.sh
-Click here if you are unable to download.
+Option 2: Skip IKEv2 during VPN setup, then set up IKEv2 using custom options.
-You may also use `curl` to download. For example:
+When installing the VPN, you can skip IKEv2 and only install the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes:
```bash
-curl -fL https://get.vpnsetup.net -o vpn.sh
-sudo sh vpn.sh
+sudo VPN_SKIP_IKEV2=yes sh vpn.sh
```
-Alternative setup URLs:
+(Optional) If you want to specify custom DNS server(s), refer to option 1 above.
+
+After that, run the IKEv2 [helper script](docs/ikev2-howto.md#set-up-ikev2-using-helper-script) to set up IKEv2 interactively using custom options:
```bash
-https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
-https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
+sudo ikev2.sh
```
-If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `Raw` button on the right. Press `Ctrl/Cmd+A` to select all, `Ctrl/Cmd+C` to copy, then paste into your favorite editor.
+**Note:** The `VPN_SKIP_IKEV2` variable has no effect if IKEv2 is already set up on the server. In that case, to customize IKEv2 options, you can first [remove IKEv2](docs/ikev2-howto.md#remove-ikev2), then set it up again using `sudo ikev2.sh`.
## Next steps