1
0
mirror of synced 2024-11-22 04:56:03 +03:00

Update docs

This commit is contained in:
hwdsl2 2023-07-29 01:41:34 -05:00
parent ef24c47928
commit 3e343f9d3c
20 changed files with 37 additions and 37 deletions

View File

@ -4,7 +4,7 @@ Link to license summary: https://creativecommons.org/licenses/by-sa/3.0/
Copyright (C) 2014-2023 [Lin Song](https://github.com/hwdsl2) Copyright (C) 2014-2023 [Lin Song](https://github.com/hwdsl2)
Based on [the work of Thomas Sarlandie](https://github.com/sarfata/voodooprivacy) (Copyright 2012) Based on [the work of Thomas Sarlandie](https://github.com/sarfata/voodooprivacy) (Copyright 2012)
See the [azure/](azure/) subfolder for its authors. See the [aws/](aws/) and [azure/](azure/) subfolders for their respective authors.
The following four files (only) are licensed under the GPL: The following four files (only) are licensed under the GPL:
[clients.md](docs/clients.md), [clients-zh.md](docs/clients-zh.md), [clients-xauth.md](docs/clients-xauth.md) and [clients-xauth-zh.md](docs/clients-xauth-zh.md) [clients.md](docs/clients.md), [clients-zh.md](docs/clients-zh.md), [clients-xauth.md](docs/clients-xauth.md) and [clients-xauth-zh.md](docs/clients-xauth-zh.md)

View File

@ -92,7 +92,7 @@ https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
这也包括公共云服务中的 Linux 虚拟机,例如 [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [OVH](https://www.ovhcloud.com/en/vps/) 和 [Microsoft Azure](https://azure.microsoft.com)。公共云用户也可以使用[用户数据](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup)部署。 这也包括公共云服务中的 Linux 虚拟机,例如 [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [OVH](https://www.ovhcloud.com/en/vps/) 和 [Microsoft Azure](https://azure.microsoft.com)。公共云用户也可以使用[用户数据](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup)部署。
[![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com)  [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)  [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README-zh.md) [![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com)  [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)  [![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README-zh.md)  [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README-zh.md)
[**» 我想建立并使用自己的 VPN但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps) [**» 我想建立并使用自己的 VPN但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)

View File

@ -92,7 +92,7 @@ Other supported Linux distributions.
This also includes Linux VMs in public clouds, such as [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [OVH](https://www.ovhcloud.com/en/vps/) and [Microsoft Azure](https://azure.microsoft.com). Public cloud users can also deploy using [user data](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup). This also includes Linux VMs in public clouds, such as [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [OVH](https://www.ovhcloud.com/en/vps/) and [Microsoft Azure](https://azure.microsoft.com). Public cloud users can also deploy using [user data](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup).
[![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com)  [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)  [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README.md)  [![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README.md) [![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com)  [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239)  [![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README.md)  [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README.md)
[**» I want to run my own VPN but don't have a server for that**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps) [**» I want to run my own VPN but don't have a server for that**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps)

View File

@ -10,7 +10,7 @@
> <details><summary><strong>注:</strong> 在某些 AWS 区域中,此模版提供的某些实例类型可能不可用。(点击查看详情) > <details><summary><strong>注:</strong> 在某些 AWS 区域中,此模版提供的某些实例类型可能不可用。(点击查看详情)
> </summary> > </summary>
> >
> 比如 `m5a.large` 可能无法在 `ap-east-1` 区域部署(仅为假设)。在此情况下,你会在部署过程中遇到此错误:`The requested configuration is currently not supported. Please check the documentation for supported configurations`。新开放的 AWS 区域更容易出现此问题,因为它们提供的实例类型较少。如需了解更多关于实例可用性的信息,请参见 [https://ec2instances.info](https://ec2instances.info)。</details> > 比如 `m5a.large` 可能无法在 `ap-east-1` 区域部署(仅为假设)。在此情况下,你会在部署过程中遇到此错误:`The requested configuration is currently not supported. Please check the documentation for supported configurations`。新开放的 AWS 区域更容易出现此问题,因为它们提供的实例类型较少。如需了解更多关于实例可用性的信息,请参见 [https://instances.vantage.sh/](https://instances.vantage.sh/)。</details>
- VPN 服务器的操作系统Ubuntu 22.04/20.04, Debian 10/11/12, CentOS 7, Amazon Linux 2 - VPN 服务器的操作系统Ubuntu 22.04/20.04, Debian 10/11/12, CentOS 7, Amazon Linux 2
- 你的 VPN 用户名 - 你的 VPN 用户名
@ -21,21 +21,27 @@
确保使用 **AWS 账户根用户** 或者有 **管理员权限****IAM 用户** 部署此模板。 确保使用 **AWS 账户根用户** 或者有 **管理员权限****IAM 用户** 部署此模板。
右键单击这个 [**模板链接**](https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/aws/cloudformation-template-ipsec.json),并将它保存到你的计算机上的一个新文件。然后在 ["创建堆栈" 向导](https://console.aws.amazon.com/cloudformation/home#/stacks/new)中将其作为模板源上传。 右键单击这个 [**模板链接**](https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/aws/cloudformation-template-ipsec.json),并将它保存到你的计算机上的一个新文件。然后在 ["创建堆栈" 向导](https://console.aws.amazon.com/cloudformation/home#/stacks/new)中将其作为模板源上传。继续创建堆栈,在最后一步你需要确认(选择)此模板可以创建 IAM 资源。
![上传模板](upload-the-template.png) <details>
<summary>
点这里查看屏幕截图
</summary>
在步骤 4你需要确认选择此模板可以创建 IAM 资源。 ![上传模板](images/upload-the-template.png)
![指定参数](images/specify-parameters.png)
![确认 IAM](confirm-iam.png) ![确认 IAM](images/confirm-iam.png)
</details>
点击下面的图标开始: 点击下面的图标开始:
<a href="https://console.aws.amazon.com/cloudformation/home#/stacks/new" target="_blank"><img src="cloudformation-launch-stack-button.png" alt="Launch stack" height="34px"></a> [![Launch stack](images/cloudformation-launch-stack-button.png)](https://console.aws.amazon.com/cloudformation/home#/stacks/new)
要指定一个 AWS 区域,你可以使用导航栏上你的帐户信息右侧的选择器。当你在最后一步中点击 "create stack" 之后,请等待堆栈创建和 VPN 安装完成,可能需要最多 15 分钟。一旦堆栈的部署状态变成 **"CREATE_COMPLETE"** ,你就可以连接到 VPN 服务器了。单击 **Outputs** 选项卡以查看你的 VPN 登录信息,然后继续下一步:[配置 VPN 客户端](../README-zh.md#下一步)。 要指定一个 AWS 区域,你可以使用导航栏上你的帐户信息右侧的选择器。当你在最后一步中点击 "create stack" 之后,请等待堆栈创建和 VPN 安装完成,可能需要最多 15 分钟。一旦堆栈的部署状态变成 **"CREATE_COMPLETE"** ,你就可以连接到 VPN 服务器了。单击 **Outputs** 选项卡以查看你的 VPN 登录信息,然后继续下一步:[配置 VPN 客户端](../README-zh.md#下一步)。
> **注**:如果你删除使用此模板部署的 CloudFormation 堆栈,在部署期间添加的密钥对将不会自动被清理。要管理你的密钥对,请转到 EC2 控制台 -> 密钥对。 > **注:** IKEv2 模式的客户端配置文件可以在你的 VPN 服务器的 `/root` 目录中找到。要使用 SSH 连接到服务器,请参见下面的 "常见问题" 小节。
> **注:** 如果你删除使用此模板部署的 CloudFormation 堆栈,在部署期间添加的密钥对将不会自动被清理。要管理你的密钥对,请转到 EC2 控制台 -> 密钥对。
## 常见问题 ## 常见问题
@ -55,7 +61,7 @@ EC2 上的每个 Linux 服务器发行版本都有它自己的默认登录用户
| --- | --- | | --- | --- |
| Ubuntu | `ubuntu` | | Ubuntu | `ubuntu` |
| Debian | `admin` | | Debian | `admin` |
| CentOS (`CentOS Linux 7`) | `centos` | | CentOS (`CentOS 7`) | `centos` |
| Amazon Linux 2 | `ec2-user` | | Amazon Linux 2 | `ec2-user` |
此模板在部署期间为你生成一个密钥对,并且在成功创建堆栈后,其中的私钥将在 **Outputs** 选项卡下以文本形式提供。 此模板在部署期间为你生成一个密钥对,并且在成功创建堆栈后,其中的私钥将在 **Outputs** 选项卡下以文本形式提供。
@ -64,11 +70,11 @@ EC2 上的每个 Linux 服务器发行版本都有它自己的默认登录用户
> **注:** 在保存到你的计算机之前,你可能需要修改私钥的格式,比如用换行符替换所有的空格。在保存后,需要为该私钥文件设置[适当的权限](https://docs.aws.amazon.com/zh_cn/AWSEC2/latest/UserGuide/connection-prereqs.html#connection-prereqs-private-key)才能使用。 > **注:** 在保存到你的计算机之前,你可能需要修改私钥的格式,比如用换行符替换所有的空格。在保存后,需要为该私钥文件设置[适当的权限](https://docs.aws.amazon.com/zh_cn/AWSEC2/latest/UserGuide/connection-prereqs.html#connection-prereqs-private-key)才能使用。
![显示密钥](show-key.png) ![显示密钥](images/show-key.png)
要为私钥文件设置适当的权限,请在该文件所在的目录下运行以下命令: 要为私钥文件设置适当的权限,请在该文件所在的目录下运行以下命令:
```bash ```bash
sudo chmod 400 key-file.pem $ sudo chmod 400 key-file.pem
``` ```
使用 SSH 登录到 EC2 实例的示例命令: 使用 SSH 登录到 EC2 实例的示例命令:
@ -80,7 +86,3 @@ $ ssh -i path/to/your/key-file.pem instance-username@instance-ip-address
## 作者 ## 作者
版权所有 (C) 2020-2023 [S. X. Liang](https://github.com/scottpedia) 版权所有 (C) 2020-2023 [S. X. Liang](https://github.com/scottpedia)
## 屏幕截图
![指定参数](specify-parameters.png)

View File

@ -17,25 +17,31 @@ Available customization parameters:
- Your VPN password - Your VPN password
- Your VPN IPsec PSK (pre-shared key) - Your VPN IPsec PSK (pre-shared key)
> **Note**: DO NOT use these special characters within values: `\ " '` > **Note:** DO NOT use these special characters within values: `\ " '`
Make sure to deploy this template with an **AWS Account Root User** or an **IAM Account** with **Administrator Access**. Make sure to deploy this template with an **AWS Account Root User** or an **IAM Account** with **Administrator Access**.
Right-click this [**template link**](https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/aws/cloudformation-template-ipsec.json) and save as a file on your computer. Then upload it as the template source in the [stack creation wizard](https://console.aws.amazon.com/cloudformation/home#/stacks/new). Right-click this [**template link**](https://raw.githubusercontent.com/hwdsl2/setup-ipsec-vpn/master/aws/cloudformation-template-ipsec.json) and save as a file on your computer. Then upload it as the template source in the [stack creation wizard](https://console.aws.amazon.com/cloudformation/home#/stacks/new). Continue creating the stack, and in the final step make sure to confirm that this template may create IAM resources.
![Upload the template](upload-the-template.png) <details>
<summary>
Click here to view screenshots
</summary>
At step 4, make sure to confirm that this template may create IAM resources. ![Upload the template](images/upload-the-template.png)
![Specify parameters](images/specify-parameters.png)
![Confirm IAM](confirm-iam.png) ![Confirm IAM](images/confirm-iam.png)
</details>
Click the icon below to start: Click the icon below to start:
<a href="https://console.aws.amazon.com/cloudformation/home#/stacks/new" target="_blank"><img src="cloudformation-launch-stack-button.png" alt="Launch stack" height="34px"></a> [![Launch stack](images/cloudformation-launch-stack-button.png)](https://console.aws.amazon.com/cloudformation/home#/stacks/new)
You may choose an AWS region using the selector to the right of your account information on the navigation bar. After you click "create stack" in the final step, please wait for the stack creation and VPN setup to complete, which may take up to 15 minutes. As soon as the stack's status changes to **"CREATE_COMPLETE"**, you are ready to connect to the VPN server. Click the **Outputs** tab to view your VPN login details. Then continue to [Next steps: Configure VPN Clients](../README.md#next-steps). You may choose an AWS region using the selector to the right of your account information on the navigation bar. After you click "create stack" in the final step, please wait for the stack creation and VPN setup to complete, which may take up to 15 minutes. As soon as the stack's status changes to **"CREATE_COMPLETE"**, you are ready to connect to the VPN server. Click the **Outputs** tab to view your VPN login details. Then continue to [Next steps: Configure VPN Clients](../README.md#next-steps).
> **Note**: If you delete a CloudFormation stack deployed using this template, the key pair that was added during deployment won't be automatically cleaned up. To manage your key pairs, go to EC2 console -> Key Pairs. > **Note:** Client configuration files for IKEv2 mode can be found in the `/root` folder of your VPN server. To connect to the VPN server using SSH, refer to the FAQs section below.
> **Note:** If you delete a CloudFormation stack deployed using this template, the key pair that was added during deployment won't be automatically cleaned up. To manage your key pairs, go to EC2 console -> Key Pairs.
## FAQs ## FAQs
@ -55,7 +61,7 @@ List of default usernames:
| --- | --- | | --- | --- |
| Ubuntu | `ubuntu` | | Ubuntu | `ubuntu` |
| Debian | `admin` | | Debian | `admin` |
| CentOS (`CentOS Linux 7`) | `centos` | | CentOS (`CentOS 7`) | `centos` |
| Amazon Linux 2 | `ec2-user` | | Amazon Linux 2 | `ec2-user` |
This template generates a key pair for you during deployment, and the private key will be available as text under the **Outputs** tab after the stack is successfully created. This template generates a key pair for you during deployment, and the private key will be available as text under the **Outputs** tab after the stack is successfully created.
@ -64,11 +70,11 @@ You will need to save the private key from the **Outputs** tab to a file on your
> **Note:** You may need to format the private key by replacing all spaces with newlines, before saving to a file. The file will need to be set with [proper permissions](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connection-prereqs.html#connection-prereqs-private-key) before using. > **Note:** You may need to format the private key by replacing all spaces with newlines, before saving to a file. The file will need to be set with [proper permissions](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connection-prereqs.html#connection-prereqs-private-key) before using.
![Show key](show-key.png) ![Show key](images/show-key.png)
To apply proper permissions to your private key file, run the following command under the directory where the file is located: To apply proper permissions to your private key file, run the following command under the directory where the file is located:
```bash ```bash
sudo chmod 400 key-file.pem $ sudo chmod 400 key-file.pem
``` ```
Example command to login to your EC2 instance using SSH: Example command to login to your EC2 instance using SSH:
@ -80,7 +86,3 @@ $ ssh -i path/to/your/key-file.pem instance-username@instance-ip-address
## Author ## Author
Copyright (C) 2020-2023 [S. X. Liang](https://github.com/scottpedia) Copyright (C) 2020-2023 [S. X. Liang](https://github.com/scottpedia)
## Screenshots
![Specify parameters](specify-parameters.png)

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.2 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 331 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
aws/images/confirm-iam.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 233 KiB

BIN
aws/images/show-key.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 465 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 197 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 259 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 661 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 277 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 370 KiB

View File

@ -571,8 +571,6 @@ ipsec trafficstatus
1. 单击 **确定** 关闭 **高级设置** 1. 单击 **确定** 关闭 **高级设置**
1. 单击 **确定** 保存 VPN 连接的详细信息。 1. 单击 **确定** 保存 VPN 连接的详细信息。
请参见 VPN 连接属性对话框的[屏幕截图](images/vpn-properties-zh.png)。
### Windows 10 正在连接 ### Windows 10 正在连接
如果你使用 Windows 10 并且 VPN 卡在 "正在连接" 状态超过几分钟,尝试以下步骤: 如果你使用 Windows 10 并且 VPN 卡在 "正在连接" 状态超过几分钟,尝试以下步骤:

View File

@ -569,8 +569,6 @@ To fix these errors, please follow these steps:
1. Click **OK** to close the **Advanced settings**. 1. Click **OK** to close the **Advanced settings**.
1. Click **OK** to save the VPN connection details. 1. Click **OK** to save the VPN connection details.
For reference, see [this screenshot](images/vpn-properties.png) of the VPN connection properties dialog.
### Windows 10 connecting ### Windows 10 connecting
If using Windows 10 and the VPN is stuck on "connecting" for more than a few minutes, try these steps: If using Windows 10 and the VPN is stuck on "connecting" for more than a few minutes, try these steps:

Binary file not shown.

Before

Width:  |  Height:  |  Size: 2.0 KiB

After

Width:  |  Height:  |  Size: 793 B

Binary file not shown.

Before

Width:  |  Height:  |  Size: 62 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 66 KiB