Update README.md
This commit is contained in:
parent
61d551fc25
commit
5451186530
25
README-zh.md
25
README-zh.md
@ -2,8 +2,7 @@
|
|||||||
|
|
||||||
*其他语言版本: [English](README.md), [简体中文](README-zh.md).*
|
*其他语言版本: [English](README.md), [简体中文](README-zh.md).*
|
||||||
|
|
||||||
使用 Linux Shell 脚本一键搭建 IPsec/L2TP VPN 服务器。适用于 Ubuntu 16.04/14.04/12.04,Debian 8 和 CentOS 6/7 系统。
|
使用这些 Linux Shell 脚本一键快速搭建 IPsec/L2TP VPN 服务器。支持 Ubuntu,Debian 和 CentOS 系统。你只需提供自己的 VPN 登录凭证,然后运行脚本自动完成安装。
|
||||||
你只需提供以下的信息: `IPSEC_PSK` , `VPN_USER` 和 `VPN_PASSWORD` ,然后运行脚本自动完成安装。
|
|
||||||
|
|
||||||
我们将使用 <a href="https://libreswan.org/" target="_blank">Libreswan</a> 作为 IPsec 服务器,以及 <a href="https://github.com/xelerance/xl2tpd" target="_blank">xl2tpd</a> 作为 L2TP 提供者。
|
我们将使用 <a href="https://libreswan.org/" target="_blank">Libreswan</a> 作为 IPsec 服务器,以及 <a href="https://github.com/xelerance/xl2tpd" target="_blank">xl2tpd</a> 作为 L2TP 提供者。
|
||||||
|
|
||||||
@ -20,6 +19,7 @@
|
|||||||
- [重要提示](#重要提示)
|
- [重要提示](#重要提示)
|
||||||
- [关于升级Libreswan](#关于升级libreswan)
|
- [关于升级Libreswan](#关于升级libreswan)
|
||||||
- [问题和反馈](#问题和反馈)
|
- [问题和反馈](#问题和反馈)
|
||||||
|
- [作者](#作者)
|
||||||
- [授权协议](#授权协议)
|
- [授权协议](#授权协议)
|
||||||
|
|
||||||
## 功能特性
|
## 功能特性
|
||||||
@ -36,18 +36,12 @@
|
|||||||
一个新创建的 <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> 实例,使用这些 AMI: (详细步骤<a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup" target="_blank">点这里</a>)
|
一个新创建的 <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> 实例,使用这些 AMI: (详细步骤<a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup" target="_blank">点这里</a>)
|
||||||
- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)</a>
|
- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)</a>
|
||||||
- <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 8 (Jessie) EC2 Images</a>
|
- <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 8 (Jessie) EC2 Images</a>
|
||||||
- <a href="https://aws.amazon.com/marketplace/pp/B00O7WM7QW" target="_blank">CentOS 7 (x86_64) with Updates HVM</a>
|
- <a href="https://aws.amazon.com/marketplace/pp/B00O7WM7QW" target="_blank">CentOS 7 (x86_64) with Updates</a>
|
||||||
- <a href="https://aws.amazon.com/marketplace/pp/B00NQAYLWO" target="_blank">CentOS 6 (x86_64) with Updates HVM</a>
|
- <a href="https://aws.amazon.com/marketplace/pp/B00NQAYLWO" target="_blank">CentOS 6 (x86_64) with Updates</a>
|
||||||
|
|
||||||
**-或者-**
|
**-或者-**
|
||||||
|
|
||||||
一个专用服务器,或者基于 KVM/Xen 的虚拟专用服务器 (VPS),全新安装:
|
一个专用服务器,或者基于 KVM/Xen 的虚拟专用服务器 (VPS),全新安装以上操作系统之一。另外也可用 Debian 7 (Wheezy),但是必须首先运行 <a href="extras/vpnsetup-debian-7-workaround.sh" target="_blank">另一个脚本</a>。 OpenVZ VPS 用户请使用其它的 VPN 软件,比如 <a href="https://github.com/Nyr/openvpn-install" target="_blank">OpenVPN</a>。
|
||||||
- Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)
|
|
||||||
- Debian 8 (Jessie)
|
|
||||||
- Debian 7 (Wheezy) » 不推荐。必须先运行<a href="extras/vpnsetup-debian-7-workaround.sh" target="_blank">另一个脚本</a>。
|
|
||||||
- CentOS / Red Hat Enterprise Linux (RHEL) 6 or 7
|
|
||||||
|
|
||||||
OpenVZ VPS 用户请使用其它的 VPN 软件,比如 <a href="https://github.com/Nyr/openvpn-install" target="_blank">Nyr 的 OpenVPN 脚本</a>。
|
|
||||||
|
|
||||||
<a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps" target="_blank">**» 我想建立并使用自己的 VPN ,但是没有可用的服务器**</a>
|
<a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps" target="_blank">**» 我想建立并使用自己的 VPN ,但是没有可用的服务器**</a>
|
||||||
|
|
||||||
@ -113,7 +107,7 @@ sudo sh vpnsetup_centos.sh
|
|||||||
|
|
||||||
在 VPN 已连接时,客户端配置为使用 <a href="https://developers.google.com/speed/public-dns/" target="_blank">Google Public DNS</a>。此设置可在 `options.xl2tpd` 文件的 `ms-dns` 项更改。
|
在 VPN 已连接时,客户端配置为使用 <a href="https://developers.google.com/speed/public-dns/" target="_blank">Google Public DNS</a>。此设置可在 `options.xl2tpd` 文件的 `ms-dns` 项更改。
|
||||||
|
|
||||||
如果服务器配置了自定义 SSH 端口(不是 22)或其他服务,请在运行脚本前编辑 <a href="vpnsetup.sh#L291" target="_blank">IPTables 防火墙规则</a>。
|
如果服务器配置了自定义 SSH 端口(不是 22)或其他服务,请在运行脚本前编辑 <a href="vpnsetup.sh#L298" target="_blank">IPTables 防火墙规则</a>。
|
||||||
|
|
||||||
这些脚本在更改现有的配置文件之前会先做备份,使用 `.old-日期-时间` 为文件名后缀。
|
这些脚本在更改现有的配置文件之前会先做备份,使用 `.old-日期-时间` 为文件名后缀。
|
||||||
|
|
||||||
@ -127,6 +121,13 @@ sudo sh vpnsetup_centos.sh
|
|||||||
- Libreswan (IPsec) 的相关问题可在<a href="https://lists.libreswan.org/mailman/listinfo/swan" target="_blank">邮件列表</a>提问。也可以参见这些 wiki 文章:<a href="https://libreswan.org/wiki/Main_Page" target="_blank">[1]</a> <a href="https://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server" target="_blank">[2]</a> <a href="https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup" target="_blank">[3]</a> <a href="https://help.ubuntu.com/community/L2TPServer" target="_blank">[4]</a> <a href="https://wiki.strongswan.org/projects/strongswan/wiki/UserDocumentation" target="_blank">[5]</a>。
|
- Libreswan (IPsec) 的相关问题可在<a href="https://lists.libreswan.org/mailman/listinfo/swan" target="_blank">邮件列表</a>提问。也可以参见这些 wiki 文章:<a href="https://libreswan.org/wiki/Main_Page" target="_blank">[1]</a> <a href="https://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server" target="_blank">[2]</a> <a href="https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup" target="_blank">[3]</a> <a href="https://help.ubuntu.com/community/L2TPServer" target="_blank">[4]</a> <a href="https://wiki.strongswan.org/projects/strongswan/wiki/UserDocumentation" target="_blank">[5]</a>。
|
||||||
- 如果你发现了一个可重复的程序漏洞,请提交一个 <a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues" target="_blank">GitHub Issue</a>。
|
- 如果你发现了一个可重复的程序漏洞,请提交一个 <a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues" target="_blank">GitHub Issue</a>。
|
||||||
|
|
||||||
|
## 作者
|
||||||
|
|
||||||
|
##### 宋琳
|
||||||
|
- 最后一年的美国在读博士生,专业是电子与计算机工程 (ECE)
|
||||||
|
- 现在正在积极寻找新的工作机会,比如软件或系统工程师
|
||||||
|
- 在 LinkedIn 上与我联系: <a href="https://www.linkedin.com/in/linsongui" target="_blank">https://www.linkedin.com/in/linsongui</a>
|
||||||
|
|
||||||
## 授权协议
|
## 授权协议
|
||||||
|
|
||||||
版权所有 (C) 2014-2016 Lin Song <a href="https://www.linkedin.com/in/linsongui" target="_blank"><img src="https://static.licdn.com/scds/common/u/img/webpromo/btn_viewmy_160x25.png" width="160" height="25" border="0" alt="View my profile on LinkedIn"></a>
|
版权所有 (C) 2014-2016 Lin Song <a href="https://www.linkedin.com/in/linsongui" target="_blank"><img src="https://static.licdn.com/scds/common/u/img/webpromo/btn_viewmy_160x25.png" width="160" height="25" border="0" alt="View my profile on LinkedIn"></a>
|
||||||
|
21
README.md
21
README.md
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
*Read this in other languages: [English](README.md), [简体中文](README-zh.md).*
|
*Read this in other languages: [English](README.md), [简体中文](README-zh.md).*
|
||||||
|
|
||||||
Scripts for automatic configuration of an IPsec/L2TP VPN server on Ubuntu 16.04/14.04/12.04, Debian 8 and CentOS 6 & 7. All you need to do is providing your own values for `IPSEC_PSK`, `VPN_USER` and `VPN_PASSWORD`, and let them handle the rest.
|
With these scripts, you can set up your own IPsec/L2TP VPN server in just a few minutes on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials. The scripts will handle the rest.
|
||||||
|
|
||||||
We will use <a href="https://libreswan.org/" target="_blank">Libreswan</a> as the IPsec server, and <a href="https://github.com/xelerance/xl2tpd" target="_blank">xl2tpd</a> as the L2TP provider.
|
We will use <a href="https://libreswan.org/" target="_blank">Libreswan</a> as the IPsec server, and <a href="https://github.com/xelerance/xl2tpd" target="_blank">xl2tpd</a> as the L2TP provider.
|
||||||
|
|
||||||
@ -36,18 +36,12 @@ We will use <a href="https://libreswan.org/" target="_blank">Libreswan</a> as th
|
|||||||
A newly created <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> instance, using these AMIs: (See <a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup" target="_blank">instructions</a>)
|
A newly created <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> instance, using these AMIs: (See <a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup" target="_blank">instructions</a>)
|
||||||
- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)</a>
|
- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)</a>
|
||||||
- <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 8 (Jessie) EC2 Images</a>
|
- <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 8 (Jessie) EC2 Images</a>
|
||||||
- <a href="https://aws.amazon.com/marketplace/pp/B00O7WM7QW" target="_blank">CentOS 7 (x86_64) with Updates HVM</a>
|
- <a href="https://aws.amazon.com/marketplace/pp/B00O7WM7QW" target="_blank">CentOS 7 (x86_64) with Updates</a>
|
||||||
- <a href="https://aws.amazon.com/marketplace/pp/B00NQAYLWO" target="_blank">CentOS 6 (x86_64) with Updates HVM</a>
|
- <a href="https://aws.amazon.com/marketplace/pp/B00NQAYLWO" target="_blank">CentOS 6 (x86_64) with Updates</a>
|
||||||
|
|
||||||
**-OR-**
|
**-OR-**
|
||||||
|
|
||||||
A dedicated server or KVM/Xen-based Virtual Private Server (VPS), with freshly installed:
|
A dedicated server or KVM/Xen-based Virtual Private Server (VPS), freshly installed with one of the above OS. In addition, Debian 7 (Wheezy) can also be used after applying <a href="extras/vpnsetup-debian-7-workaround.sh" target="_blank">this workaround</a>. OpenVZ VPS users should instead try <a href="https://github.com/Nyr/openvpn-install" target="_blank">OpenVPN</a>.
|
||||||
- Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)
|
|
||||||
- Debian 8 (Jessie)
|
|
||||||
- Debian 7 (Wheezy) » Not recommended. Requires <a href="extras/vpnsetup-debian-7-workaround.sh" target="_blank">this workaround</a> to work.
|
|
||||||
- CentOS / Red Hat Enterprise Linux (RHEL) 6 or 7
|
|
||||||
|
|
||||||
OpenVZ VPS users should instead try <a href="https://github.com/Nyr/openvpn-install" target="_blank">Nyr's OpenVPN script</a>.
|
|
||||||
|
|
||||||
<a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps" target="_blank">**» I want to run my own VPN but don't have a server for that**</a>
|
<a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps" target="_blank">**» I want to run my own VPN but don't have a server for that**</a>
|
||||||
|
|
||||||
@ -113,7 +107,7 @@ To enable multiple VPN users with different credentials, just <a href="docs/enab
|
|||||||
|
|
||||||
Clients are configured to use <a href="https://developers.google.com/speed/public-dns/" target="_blank">Google Public DNS</a> when the VPN is active. To change, set `ms-dns` in `options.xl2tpd`.
|
Clients are configured to use <a href="https://developers.google.com/speed/public-dns/" target="_blank">Google Public DNS</a> when the VPN is active. To change, set `ms-dns` in `options.xl2tpd`.
|
||||||
|
|
||||||
For servers with a custom SSH port (not 22) or other services, edit the <a href="vpnsetup.sh#L291" target="_blank">IPTables rules</a> before using.
|
For servers with a custom SSH port (not 22) or other services, edit the <a href="vpnsetup.sh#L298" target="_blank">IPTables rules</a> before using.
|
||||||
|
|
||||||
The scripts will backup existing config files before making changes, with `.old-date-time` suffix.
|
The scripts will backup existing config files before making changes, with `.old-date-time` suffix.
|
||||||
|
|
||||||
@ -130,8 +124,9 @@ The additional scripts <a href="extras/vpnupgrade_Libreswan.sh" target="_blank">
|
|||||||
## Author
|
## Author
|
||||||
|
|
||||||
##### Lin Song
|
##### Lin Song
|
||||||
- Final year U.S. PhD candidate seeking opportunities in Software or Systems Engineering.
|
- Final year U.S. PhD candidate, majoring in Electrical and Computer Engineering (ECE)
|
||||||
- View my LinkedIn profile and contact me: <a href="https://www.linkedin.com/in/linsongui" target="_blank">www.linkedin.com/in/linsongui</a>
|
- Actively seeking opportunities in areas such as Software or Systems Engineering
|
||||||
|
- Contact me on LinkedIn: <a href="https://www.linkedin.com/in/linsongui" target="_blank">https://www.linkedin.com/in/linsongui</a>
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user