diff --git a/README-zh.md b/README-zh.md
index 79c971f..f724199 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -2,7 +2,7 @@
*其他语言版本: [English](README.md), [简体中文](README-zh.md).*
-使用这些 Linux Shell 脚本一键快速搭建 IPsec/L2TP VPN 服务器。支持 Ubuntu,Debian 和 CentOS 系统。你只需提供自己的 VPN 登录凭证(或者可以自动生成),然后运行脚本自动完成安装。
+使用这些 Linux Shell 脚本一键快速搭建 IPsec/L2TP VPN 服务器。支持 Ubuntu,Debian 和 CentOS 系统。你只需提供自己的 VPN 登录凭证,或者选择随机生成凭证。然后运行脚本自动完成安装。
我们将使用 Libreswan 作为 IPsec 服务器,以及 xl2tpd 作为 L2TP 提供者。
@@ -24,7 +24,7 @@
## 功能特性
-- :tada: **新特性:** 在 `IPsec/L2TP` 的基础上新增对 `IPsec/XAUTH` 的支持
+- :tada: **NEW:** 新增支持更高效的 `IPsec/XAUTH` (也称为 `Cisco IPsec`) 模式
- 全自动的 IPsec/L2TP VPN 服务器配置,无需用户输入
- 封装所有的 VPN 流量在 UDP 协议,不需要 ESP 协议支持
- 可直接作为 Amazon EC2 实例创建时的用户数据使用
@@ -94,7 +94,7 @@ sudo sh vpnsetup_centos.sh
配置你的计算机或其它设备使用 VPN 。请参见: 配置 IPsec/L2TP VPN 客户端。
-**新特性:** 在 `IPsec/L2TP` 的基础上,现在新增对 `IPsec/XAUTH` 的支持。请参见: 配置 IPsec/XAUTH VPN 客户端。
+**NEW:** 新增支持更高效的 `IPsec/XAUTH` (也称为 `Cisco IPsec`) 模式。请参考 配置 IPsec/XAUTH VPN 客户端。
开始使用自己的专属 VPN ! :sparkles::tada::rocket::sparkles:
@@ -102,7 +102,7 @@ sudo sh vpnsetup_centos.sh
**Windows 用户** 在首次连接之前需要修改一次注册表,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外如果遇到`Error 628`,请打开 VPN 连接属性的"安全"选项卡,启用 `CHAP` 选项并禁用 `MS-CHAP v2`。
-**Android 6 (Marshmallow) 用户**: 请编辑 `/etc/ipsec.conf` 并在 `ike=` 和 `phase2alg=` 两行结尾添加 `,aes256-sha2_256` 。另外增加一行 `sha2-truncbug=yes` 。每行开头必须空两格。保存修改并运行 `service ipsec restart` 。
+**Android 6 (Marshmallow) 用户** 请参见此文档中的注释: 配置 IPsec/L2TP VPN 客户端。
如果要创建具有不同凭据的多个 VPN 用户,只需要修改这几行的脚本。
diff --git a/README.md b/README.md
index 18e820e..780bae1 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
*Read this in other languages: [English](README.md), [简体中文](README-zh.md).*
-With these scripts, you can set up your own IPsec/L2TP VPN server in just a few minutes on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials (or auto-generate them). The scripts will handle the rest.
+These scripts will let you set up your own IPsec/L2TP VPN server in no more than a minute on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, or auto-generate them. The scripts will handle the rest.
We will use Libreswan as the IPsec server, and xl2tpd as the L2TP provider.
@@ -24,7 +24,7 @@ We will use Libreswan as th
## Features
-- :tada: **NEW:** `IPsec/XAUTH` is now supported in addition to `IPsec/L2TP`
+- :tada: **NEW:** The faster `IPsec/XAUTH` (a.k.a. `Cisco IPsec`) mode is now supported
- Fully automated IPsec/L2TP VPN server setup, no user input needed
- Encapsulates all VPN traffic in UDP - does not need ESP protocol
- Can be directly used as "user-data" for a new Amazon EC2 instance
@@ -94,7 +94,7 @@ If unable to download via `wget`, you may alternatively open Configure IPsec/L2TP VPN Clients.
-**NEW:** `IPsec/XAUTH` is now supported in addition to `IPsec/L2TP`. See: Configure IPsec/XAUTH VPN Clients.
+**NEW:** The faster `IPsec/XAUTH` (a.k.a. `Cisco IPsec`) mode is now supported. See: Configure IPsec/XAUTH VPN Clients.
Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
@@ -102,7 +102,7 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
For **Windows users**, a one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). In case you see `Error 628`, go to the "Security" tab of VPN connection properties, enable `CHAP` and disable `MS-CHAP v2`.
-**Android 6 (Marshmallow) users**: Edit `/etc/ipsec.conf` and append `,aes256-sha2_256` to both `ike=` and `phase2alg=`. Then add a new line `sha2-truncbug=yes`. Indent lines with two spaces. Finally, run `service ipsec restart`.
+**Android 6 (Marshmallow) users**: Please see notes in Configure IPsec/L2TP VPN Clients.
To create multiple VPN users with different credentials, just edit a few lines in the scripts.
diff --git a/docs/clients-xauth-zh.md b/docs/clients-xauth-zh.md
index 343fcdc..8053767 100644
--- a/docs/clients-xauth-zh.md
+++ b/docs/clients-xauth-zh.md
@@ -72,6 +72,8 @@ VPN 连接成功后,会在 VPN Connect 状态窗口中显示 **tunnel enabled*
1. 选中 **保存帐户信息** 复选框。
1. 单击 **连接**。
+注: Android 6 (Marshmallow) 用户需要编辑 VPN 服务器上的 `/etc/ipsec.conf` 并在 `ike=` 和 `phase2alg=` 两行结尾添加 `,aes256-sha2_256` 。然后在 `conn shared` 部分增加一行 `sha2-truncbug=yes` (参见这里)。每行开头必须空两格。保存修改并运行 `service ipsec restart`。
+
VPN 连接成功后,会在通知栏显示图标。最后你可以到这里检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
### iOS ###
diff --git a/docs/clients-xauth.md b/docs/clients-xauth.md
index 4ba0c51..5957575 100644
--- a/docs/clients-xauth.md
+++ b/docs/clients-xauth.md
@@ -72,6 +72,8 @@ You can connect to the VPN using the VPN icon in the menu bar, or by selecting t
1. Check the **Save account information** checkbox.
1. Tap **Connect**.
+Note for Android 6 (Marshmallow) users: On the VPN server, edit `/etc/ipsec.conf` and append `,aes256-sha2_256` to both `ike=` and `phase2alg=` lines. Then add a new line `sha2-truncbug=yes` under section `conn shared` (Reference). Indent lines with two spaces. When finished, run `service ipsec restart`.
+
Once connected, you will see a VPN icon in the notification bar. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is `Your VPN Server IP`".
### iOS ###
diff --git a/docs/clients-zh.md b/docs/clients-zh.md
index 4996576..ef4aa53 100644
--- a/docs/clients-zh.md
+++ b/docs/clients-zh.md
@@ -78,7 +78,7 @@
1. 选中 **保存帐户信息** 复选框。
1. 单击 **连接**。
-注: Android 6 (Marshmallow) 用户需要编辑 VPN 服务器上的 `/etc/ipsec.conf` 并在 `ike=` 和 `phase2alg=` 两行结尾添加 `,aes256-sha2_256` 。另外增加一行 `sha2-truncbug=yes` 。每行开头必须空两格。保存修改并运行 `service ipsec restart`。
+注: Android 6 (Marshmallow) 用户需要编辑 VPN 服务器上的 `/etc/ipsec.conf` 并在 `ike=` 和 `phase2alg=` 两行结尾添加 `,aes256-sha2_256` 。然后在 `conn shared` 部分增加一行 `sha2-truncbug=yes` (参见这里)。每行开头必须空两格。保存修改并运行 `service ipsec restart`。
VPN 连接成功后,会在通知栏显示图标。最后你可以到这里检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
diff --git a/docs/clients.md b/docs/clients.md
index 0f43674..e6e5041 100644
--- a/docs/clients.md
+++ b/docs/clients.md
@@ -78,7 +78,7 @@ You can connect to the VPN using the VPN icon in the menu bar, or by selecting t
1. Check the **Save account information** checkbox.
1. Tap **Connect**.
-Note for Android 6 (Marshmallow) users: On the VPN server, edit the file `/etc/ipsec.conf` and append `,aes256-sha2_256` to both `ike=` and `phase2alg=` lines. Then add a new line `sha2-truncbug=yes` after those. Indent lines with two spaces. When finished, save the file and run `service ipsec restart`.
+Note for Android 6 (Marshmallow) users: On the VPN server, edit `/etc/ipsec.conf` and append `,aes256-sha2_256` to both `ike=` and `phase2alg=` lines. Then add a new line `sha2-truncbug=yes` under section `conn shared` (Reference). Indent lines with two spaces. When finished, run `service ipsec restart`.
Once connected, you will see a VPN icon in the notification bar. You can verify that your traffic is being routed properly by looking up your IP address on Google. It should say "Your public IP address is `Your VPN Server IP`".