Update docs
This commit is contained in:
parent
cec1dde5e4
commit
4d371e360e
37
README-zh.md
37
README-zh.md
@ -39,7 +39,7 @@ Ubuntu & Debian
|
||||
</summary>
|
||||
|
||||
```bash
|
||||
wget https://git.io/vpnsetup -O vpn.sh && sudo sh vpn.sh
|
||||
wget https://git.io/vpnsetup -O vpn.sh && sudo sh vpn.sh && sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
</details>
|
||||
|
||||
@ -49,7 +49,7 @@ CentOS & RHEL
|
||||
</summary>
|
||||
|
||||
```bash
|
||||
wget https://git.io/vpnsetup-centos -O vpn.sh && sudo sh vpn.sh
|
||||
wget https://git.io/vpnsetup-centos -O vpn.sh && sudo sh vpn.sh && sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
</details>
|
||||
|
||||
@ -59,18 +59,12 @@ Amazon Linux 2
|
||||
</summary>
|
||||
|
||||
```bash
|
||||
wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh
|
||||
wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh && sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
</details>
|
||||
|
||||
你的 VPN 登录凭证将会被自动随机生成,并在安装完成后显示在屏幕上。
|
||||
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>:
|
||||
|
||||
```bash
|
||||
wget https://git.io/ikev2setup -O ikev2.sh && sudo bash ikev2.sh --auto
|
||||
```
|
||||
|
||||
如需了解其它安装选项,以及如何配置 VPN 客户端,请继续阅读以下部分。
|
||||
|
||||
<a name="quick-start-note"></a>
|
||||
@ -153,7 +147,11 @@ wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh
|
||||
```
|
||||
</details>
|
||||
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>。
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>:
|
||||
|
||||
```bash
|
||||
sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
|
||||
**选项 2:** 编辑脚本并提供你自己的 VPN 登录凭证:
|
||||
|
||||
@ -199,7 +197,11 @@ sudo sh vpn.sh
|
||||
|
||||
**注:** 一个安全的 IPsec PSK 应该至少包含 20 个随机字符。
|
||||
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>。
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>:
|
||||
|
||||
```bash
|
||||
sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
|
||||
**选项 3:** 将你自己的 VPN 登录凭证定义为环境变量:
|
||||
|
||||
@ -252,7 +254,11 @@ sh vpn.sh
|
||||
```
|
||||
</details>
|
||||
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>。
|
||||
在安装成功之后,推荐 <a href="docs/ikev2-howto-zh.md" target="_blank">配置 IKEv2</a>:
|
||||
|
||||
```bash
|
||||
sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
|
||||
**注:** 如果无法通过 `wget` 下载,你也可以打开 <a href="vpnsetup.sh" target="_blank">vpnsetup.sh</a>,<a href="vpnsetup_centos.sh" target="_blank">vpnsetup_centos.sh</a> 或者 <a href="vpnsetup_amzn.sh" target="_blank">vpnsetup_amzn.sh</a>,然后点击右方的 **`Raw`** 按钮。按快捷键 `Ctrl-A` 全选, `Ctrl-C` 复制,然后粘贴到你喜欢的编辑器。
|
||||
|
||||
@ -364,6 +370,13 @@ sudo VPN_DNS_NAME='vpn.example.com' bash ikev2.sh --auto
|
||||
|
||||
你可以使用这些 VPN 内网 IP 进行通信。但是请注意,为 VPN 客户端分配的 IP 是动态的,而且客户端设备上的防火墙可能会阻止这些流量。
|
||||
|
||||
在默认配置下,允许客户端之间的流量。如果你想要 \*不允许\* 客户端之间的流量,可以在 VPN 服务器上运行以下命令。将它们添加到 `/etc/rc.local` 以便在重启后继续有效。
|
||||
|
||||
```
|
||||
iptables -I FORWARD 2 -i ppp+ -o ppp+ -s 192.168.42.0/24 -d 192.168.42.0/24 -j DROP
|
||||
iptables -I FORWARD 3 -s 192.168.43.0/24 -d 192.168.43.0/24 -j DROP
|
||||
```
|
||||
|
||||
### 更改 IPTables 规则
|
||||
|
||||
如果你想要在安装后更改 IPTables 规则,请编辑 `/etc/iptables.rules` 和/或 `/etc/iptables/rules.v4` (Ubuntu/Debian),或者 `/etc/sysconfig/iptables` (CentOS/RHEL)。然后重启服务器。
|
||||
|
37
README.md
37
README.md
@ -39,7 +39,7 @@ Ubuntu & Debian
|
||||
</summary>
|
||||
|
||||
```bash
|
||||
wget https://git.io/vpnsetup -O vpn.sh && sudo sh vpn.sh
|
||||
wget https://git.io/vpnsetup -O vpn.sh && sudo sh vpn.sh && sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
</details>
|
||||
|
||||
@ -49,7 +49,7 @@ CentOS & RHEL
|
||||
</summary>
|
||||
|
||||
```bash
|
||||
wget https://git.io/vpnsetup-centos -O vpn.sh && sudo sh vpn.sh
|
||||
wget https://git.io/vpnsetup-centos -O vpn.sh && sudo sh vpn.sh && sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
</details>
|
||||
|
||||
@ -59,18 +59,12 @@ Amazon Linux 2
|
||||
</summary>
|
||||
|
||||
```bash
|
||||
wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh
|
||||
wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh && sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
</details>
|
||||
|
||||
Your VPN login details will be randomly generated, and displayed on the screen when finished.
|
||||
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>:
|
||||
|
||||
```bash
|
||||
wget https://git.io/ikev2setup -O ikev2.sh && sudo bash ikev2.sh --auto
|
||||
```
|
||||
|
||||
For other installation options and how to set up VPN clients, read the sections below.
|
||||
|
||||
<a name="quick-start-note"></a>
|
||||
@ -153,7 +147,11 @@ wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh
|
||||
```
|
||||
</details>
|
||||
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>.
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>:
|
||||
|
||||
```bash
|
||||
sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
|
||||
**Option 2:** Edit the script and provide your own VPN credentials:
|
||||
|
||||
@ -199,7 +197,11 @@ sudo sh vpn.sh
|
||||
|
||||
**Note:** A secure IPsec PSK should consist of at least 20 random characters.
|
||||
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>.
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>:
|
||||
|
||||
```bash
|
||||
sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
|
||||
**Option 3:** Define your VPN credentials as environment variables:
|
||||
|
||||
@ -252,7 +254,11 @@ sh vpn.sh
|
||||
```
|
||||
</details>
|
||||
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>.
|
||||
After successful installation, it is recommended to <a href="docs/ikev2-howto.md" target="_blank">set up IKEv2</a>:
|
||||
|
||||
```bash
|
||||
sudo bash /opt/src/ikev2.sh --auto
|
||||
```
|
||||
|
||||
**Note:** If unable to download via `wget`, you may also open <a href="vpnsetup.sh" target="_blank">vpnsetup.sh</a>, <a href="vpnsetup_centos.sh" target="_blank">vpnsetup_centos.sh</a> or <a href="vpnsetup_amzn.sh" target="_blank">vpnsetup_amzn.sh</a>, and click the **`Raw`** button on the right. Press `Ctrl-A` to select all, `Ctrl-C` to copy, then paste into your favorite editor.
|
||||
|
||||
@ -364,6 +370,13 @@ When connecting using `IPsec/XAuth ("Cisco IPsec")` or `IKEv2` mode, the VPN ser
|
||||
|
||||
You may use these internal VPN IPs for communication. However, note that the IPs assigned to VPN clients are dynamic, and firewalls on client devices may block such traffic.
|
||||
|
||||
Client-to-client traffic is allowed by default. If you want to \*disallow\* client-to-client traffic, run the following commands on the VPN server. Add them to `/etc/rc.local` to persist after reboot.
|
||||
|
||||
```
|
||||
iptables -I FORWARD 2 -i ppp+ -o ppp+ -s 192.168.42.0/24 -d 192.168.42.0/24 -j DROP
|
||||
iptables -I FORWARD 3 -s 192.168.43.0/24 -d 192.168.43.0/24 -j DROP
|
||||
```
|
||||
|
||||
### Modify IPTables rules
|
||||
|
||||
If you want to modify the IPTables rules after install, edit `/etc/iptables.rules` and/or `/etc/iptables/rules.v4` (Ubuntu/Debian), or `/etc/sysconfig/iptables` (CentOS/RHEL). Then reboot your server.
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
*其他语言版本: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md).*
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者使用 [IPsec/L2TP 模式](clients-zh.md) 连接。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/L2TP](clients-zh.md) 模式连接。
|
||||
|
||||
在成功 <a href="../README-zh.md" target="_blank">搭建自己的 VPN 服务器</a> 之后,按照下面的步骤来配置你的设备。IPsec/XAuth ("Cisco IPsec") 在 Android, iOS 和 OS X 上均受支持,无需安装额外的软件。Windows 用户可以使用免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft 客户端</a>。如果无法连接,请首先检查是否输入了正确的 VPN 登录凭证。
|
||||
|
||||
@ -18,7 +18,7 @@ IPsec/XAuth 模式也称为 "Cisco IPsec"。该模式通常能够比 IPsec/L2TP
|
||||
|
||||
## Windows
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者使用 [IPsec/L2TP 模式](clients-zh.md) 连接。无需安装额外的软件。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/L2TP](clients-zh.md) 模式连接。无需安装额外的软件。
|
||||
|
||||
1. 下载并安装免费的 <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft VPN 客户端</a>。在安装时请选择 **Standard Edition**。
|
||||
**注:** 该 VPN 客户端 **不支持** Windows 10。
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
*Read this in other languages: [English](clients-xauth.md), [简体中文](clients-xauth-zh.md).*
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended), or connect using [IPsec/L2TP mode](clients.md).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/L2TP](clients.md) mode.
|
||||
|
||||
After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">setting up your own VPN server</a>, follow these steps to configure your devices. IPsec/XAuth ("Cisco IPsec") is natively supported by Android, iOS and OS X. There is no additional software to install. Windows users can use the free <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft client</a>. In case you are unable to connect, first check to make sure the VPN credentials were entered correctly.
|
||||
|
||||
@ -18,7 +18,7 @@ IPsec/XAuth mode is also called "Cisco IPsec". This mode is generally **faster t
|
||||
|
||||
## Windows
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended), or connect using [IPsec/L2TP mode](clients.md). No additional software is required.
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/L2TP](clients.md) mode. No additional software is required.
|
||||
|
||||
1. Download and install the free <a href="https://www.shrew.net/download/vpn" target="_blank">Shrew Soft VPN client</a>. When prompted during install, select **Standard Edition**.
|
||||
**Note:** This VPN client does NOT support Windows 10.
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
*其他语言版本: [English](clients.md), [简体中文](clients-zh.md).*
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者使用 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
||||
|
||||
在成功 <a href="../README-zh.md" target="_blank">搭建自己的 VPN 服务器</a> 之后,按照下面的步骤来配置你的设备。IPsec/L2TP 在 Android, iOS, OS X 和 Windows 上均受支持,无需安装额外的软件。设置过程通常只需要几分钟。如果无法连接,请首先检查是否输入了正确的 VPN 登录凭证。
|
||||
|
||||
@ -18,7 +18,7 @@
|
||||
|
||||
## Windows
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐)。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md) 模式连接(推荐)。
|
||||
|
||||
### Windows 10 and 8.x
|
||||
|
||||
@ -88,7 +88,7 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
|
||||
|
||||
## OS X
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者使用 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
||||
|
||||
1. 打开系统偏好设置并转到网络部分。
|
||||
1. 在窗口左下角单击 **+** 按钮。
|
||||
@ -114,7 +114,7 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
|
||||
|
||||
## Android
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者使用 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
||||
|
||||
1. 启动 **设置** 应用程序。
|
||||
1. 单击 **网络和互联网**。或者,如果你使用 Android 7 或更早版本,在 **无线和网络** 部分单击 **更多...**。
|
||||
@ -139,7 +139,7 @@ VPN 连接成功后,会在通知栏显示图标。最后你可以到 <a href="
|
||||
|
||||
## iOS
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者使用 [IPsec/XAuth 模式](clients-xauth-zh.md) 连接。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
||||
|
||||
1. 进入设置 -> 通用 -> VPN。
|
||||
1. 单击 **添加VPN配置...**。
|
||||
@ -178,7 +178,7 @@ VPN 连接成功后,网络状态图标上会出现 VPN 指示。最后你可
|
||||
|
||||
## Linux
|
||||
|
||||
**注:** 你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐)。
|
||||
**注:** 你也可以使用 [IKEv2](ikev2-howto-zh.md) 模式连接(推荐)。
|
||||
|
||||
### Ubuntu Linux
|
||||
|
||||
@ -346,7 +346,7 @@ OS X (macOS) 用户: 如果可以成功地使用 IPsec/L2TP 模式连接,但
|
||||
|
||||
为了节约电池,iOS 设备 (iPhone/iPad) 在屏幕变黑(睡眠模式)之后不久就会自动断开 Wi-Fi 连接。这会导致 IPsec VPN 断开。该行为是被 <a href="https://discussions.apple.com/thread/2333948" target="_blank">故意设计的</a> 并且不能被配置。
|
||||
|
||||
如果需要 VPN 在设备唤醒后自动重连,你可以 <a href="ikev2-howto-zh.md" target="_blank">配置 IKEv2</a> 并启用 "VPN On Demand" 功能。或者你也可以另外尝试使用 <a href="https://github.com/Nyr/openvpn-install" target="_blank">OpenVPN</a>,它支持 <a href="https://docs.openvpn.net/connecting/connecting-to-access-server-with-apple-ios/faq-regarding-openvpn-connect-ios/" target="_blank">一些选项</a> 比如 "Reconnect on Wakeup" 和 "Seamless Tunnel"。
|
||||
如果需要 VPN 在设备唤醒后自动重连,你可以使用 [IKEv2](ikev2-howto-zh.md) 模式连接(推荐)并启用 "VPN On Demand" 功能。或者你也可以另外尝试使用 <a href="https://github.com/Nyr/openvpn-install" target="_blank">OpenVPN</a>,它支持 <a href="https://docs.openvpn.net/connecting/connecting-to-access-server-with-apple-ios/faq-regarding-openvpn-connect-ios/" target="_blank">一些选项</a> 比如 "Reconnect on Wakeup" 和 "Seamless Tunnel"。
|
||||
|
||||
Android 设备在进入睡眠模式不久后也会断开 Wi-Fi 连接,如果你没有启用选项 "睡眠期间保持 WLAN 开启" 的话。该选项在 Android 8 (Oreo) 和更新版本中不再可用。另外,你也可以尝试打开 "始终开启 VPN" 选项以保持连接。详情请看 <a href="https://support.google.com/android/answer/9089766?hl=zh-Hans" target="_blank">这里</a>。
|
||||
|
||||
@ -410,7 +410,7 @@ ipsec whack --trafficstatus
|
||||
|
||||
## 使用命令行配置 Linux VPN 客户端
|
||||
|
||||
在成功 <a href="../README-zh.md" target="_blank">搭建自己的 VPN 服务器</a> 之后,按照下面的步骤来使用命令行配置 Linux VPN 客户端。另外,你也可以 [配置 IKEv2](ikev2-howto-zh.md)(推荐),或者 [使用图形界面](#linux) 配置。以下步骤是基于 [Peter Sanford 的工作](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c)。这些命令必须在你的 VPN 客户端上使用 `root` 账户运行。
|
||||
在成功 <a href="../README-zh.md" target="_blank">搭建自己的 VPN 服务器</a> 之后,按照下面的步骤来使用命令行配置 Linux VPN 客户端。另外,你也可以使用 [IKEv2](ikev2-howto-zh.md) 模式连接(推荐),或者 [使用图形界面配置](#linux) 。以下步骤是基于 [Peter Sanford 的工作](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c)。这些命令必须在你的 VPN 客户端上使用 `root` 账户运行。
|
||||
|
||||
要配置 VPN 客户端,首先安装以下软件包:
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
*Read this in other languages: [English](clients.md), [简体中文](clients-zh.md).*
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended), or connect using [IPsec/XAuth mode](clients-xauth.md).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
||||
|
||||
After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">setting up your own VPN server</a>, follow these steps to configure your devices. IPsec/L2TP is natively supported by Android, iOS, OS X, and Windows. There is no additional software to install. Setup should only take a few minutes. In case you are unable to connect, first check to make sure the VPN credentials were entered correctly.
|
||||
|
||||
@ -18,7 +18,7 @@ After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">settin
|
||||
|
||||
## Windows
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) mode (recommended).
|
||||
|
||||
### Windows 10 and 8.x
|
||||
|
||||
@ -88,7 +88,7 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
|
||||
|
||||
## OS X
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended), or connect using [IPsec/XAuth mode](clients-xauth.md).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
||||
|
||||
1. Open System Preferences and go to the Network section.
|
||||
1. Click the **+** button in the lower-left corner of the window.
|
||||
@ -113,7 +113,7 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
|
||||
|
||||
## Android
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended), or connect using [IPsec/XAuth mode](clients-xauth.md).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
||||
|
||||
1. Launch the **Settings** application.
|
||||
1. Tap "Network & internet". Or, if using Android 7 or earlier, tap **More...** in the **Wireless & networks** section.
|
||||
@ -138,7 +138,7 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
|
||||
|
||||
## iOS
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended), or connect using [IPsec/XAuth mode](clients-xauth.md).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
||||
|
||||
1. Go to Settings -> General -> VPN.
|
||||
1. Tap **Add VPN Configuration...**.
|
||||
@ -177,7 +177,7 @@ If you get an error when trying to connect, see <a href="#troubleshooting">Troub
|
||||
|
||||
## Linux
|
||||
|
||||
**Note:** You may also [set up IKEv2](ikev2-howto.md) (recommended).
|
||||
**Note:** You may also connect using [IKEv2](ikev2-howto.md) mode (recommended).
|
||||
|
||||
### Ubuntu Linux
|
||||
|
||||
@ -345,7 +345,7 @@ In addition, users running macOS Big Sur 11.0 should update to version 11.1 or n
|
||||
|
||||
To save battery, iOS devices (iPhone/iPad) will automatically disconnect Wi-Fi shortly after the screen turns off (sleep mode). As a result, the IPsec VPN disconnects. This behavior is <a href="https://discussions.apple.com/thread/2333948" target="_blank">by design</a> and cannot be configured.
|
||||
|
||||
If you need the VPN to auto-reconnect when the device wakes up, you may <a href="ikev2-howto.md" target="_blank">set up IKEv2</a> and enable the "VPN On Demand" feature. Alternatively, you may try <a href="https://github.com/Nyr/openvpn-install" target="_blank">OpenVPN</a> instead, which <a href="https://docs.openvpn.net/connecting/connecting-to-access-server-with-apple-ios/faq-regarding-openvpn-connect-ios/" target="_blank">has support for options</a> such as "Reconnect on Wakeup" and "Seamless Tunnel".
|
||||
If you need the VPN to auto-reconnect when the device wakes up, you may connect using [IKEv2](ikev2-howto.md) mode (recommended) and enable the "VPN On Demand" feature. Alternatively, you may try <a href="https://github.com/Nyr/openvpn-install" target="_blank">OpenVPN</a> instead, which <a href="https://docs.openvpn.net/connecting/connecting-to-access-server-with-apple-ios/faq-regarding-openvpn-connect-ios/" target="_blank">has support for options</a> such as "Reconnect on Wakeup" and "Seamless Tunnel".
|
||||
|
||||
Android devices will also disconnect Wi-Fi shortly after entering sleep mode, unless the option "Keep Wi-Fi on during sleep" is enabled. This option is no longer available in Android 8 (Oreo) and newer. Alternatively, you may try enabling the "Always-on VPN" option to stay connected. Learn more <a href="https://support.google.com/android/answer/9089766?hl=en" target="_blank">here</a>.
|
||||
|
||||
@ -409,7 +409,7 @@ ipsec whack --trafficstatus
|
||||
|
||||
## Configure Linux VPN clients using the command line
|
||||
|
||||
After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">setting up your own VPN server</a>, follow these steps to configure Linux VPN clients using the command line. Alternatively, you may [set up IKEv2](ikev2-howto.md) (recommended), or configure [using the GUI](#linux). Instructions below are based on [the work of Peter Sanford](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c). Commands must be run as `root` on your VPN client.
|
||||
After <a href="https://github.com/hwdsl2/setup-ipsec-vpn" target="_blank">setting up your own VPN server</a>, follow these steps to configure Linux VPN clients using the command line. Alternatively, you may connect using [IKEv2](ikev2-howto.md) mode (recommended), or [configure using the GUI](#linux). Instructions below are based on [the work of Peter Sanford](https://gist.github.com/psanford/42c550a1a6ad3cb70b13e4aaa94ddb1c). Commands must be run as `root` on your VPN client.
|
||||
|
||||
To set up the VPN client, first install the following packages:
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user