Update docs
This commit is contained in:
parent
1ca1b158ed
commit
7f65ee217c
@ -507,7 +507,7 @@ sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.key
|
|||||||
|
|
||||||
### 列出已有的客户端
|
### 列出已有的客户端
|
||||||
|
|
||||||
如果要列出已有的 IKEv2 客户端的名称,运行 [辅助脚本](#使用辅助脚本配置-ikev2) 并添加 `--listclients` 选项。使用参数 `-h` 显示使用信息。
|
要列出已有的 IKEv2 客户端的名称,运行辅助脚本并添加 `--listclients` 选项。使用参数 `-h` 显示使用信息。
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --listclients
|
sudo ikev2.sh --listclients
|
||||||
@ -515,7 +515,7 @@ sudo ikev2.sh --listclients
|
|||||||
|
|
||||||
### 添加客户端证书
|
### 添加客户端证书
|
||||||
|
|
||||||
如果要为更多的 IKEv2 客户端生成证书,只需重新运行 [辅助脚本](#使用辅助脚本配置-ikev2)。要自定义客户端证书选项,可以在不添加参数的情况下运行脚本。
|
要为更多的 IKEv2 客户端添加证书,运行辅助脚本并添加 `--addclient` 选项。要自定义客户端选项,可以在不添加参数的情况下运行脚本。
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --addclient [client name]
|
sudo ikev2.sh --addclient [client name]
|
||||||
@ -525,7 +525,7 @@ sudo ikev2.sh --addclient [client name]
|
|||||||
|
|
||||||
### 导出已有的客户端的配置
|
### 导出已有的客户端的配置
|
||||||
|
|
||||||
在默认情况下,IKEv2 [辅助脚本](#使用辅助脚本配置-ikev2) 在运行后会导出客户端配置。如果之后你想要为一个已有的客户端导出配置,可以运行:
|
在默认情况下,IKEv2 辅助脚本在运行后会导出客户端配置。如果之后你想要导出一个已有的客户端,可以运行:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --exportclient [client name]
|
sudo ikev2.sh --exportclient [client name]
|
||||||
@ -573,7 +573,7 @@ sudo ikev2.sh --exportclient [client name]
|
|||||||
|
|
||||||
### 吊销客户端证书
|
### 吊销客户端证书
|
||||||
|
|
||||||
在某些情况下,你可能需要吊销一个之前生成的 VPN 客户端证书。要吊销证书,重新运行辅助脚本并选择适当的选项。或者你也可以运行:
|
在某些情况下,你可能需要吊销一个之前生成的 VPN 客户端证书。要吊销证书,可以运行辅助脚本。
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --revokeclient [client name]
|
sudo ikev2.sh --revokeclient [client name]
|
||||||
@ -972,7 +972,7 @@ chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null
|
|||||||
|
|
||||||
## 移除 IKEv2
|
## 移除 IKEv2
|
||||||
|
|
||||||
如果你想要从 VPN 服务器移除 IKEv2,但是保留 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式(如果已安装),请重新运行 [辅助脚本](#使用辅助脚本配置-ikev2) 并选择适当的选项。**警告:** 这将**永久删除**所有的 IKEv2 配置(包括证书和密钥),并且**不可撤销**!
|
如果你想要从 VPN 服务器移除 IKEv2,但是保留 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式(如果已安装),可以运行辅助脚本。**警告:** 这将**永久删除**所有的 IKEv2 配置(包括证书和密钥),并且**不可撤销**!
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --removeikev2
|
sudo ikev2.sh --removeikev2
|
||||||
|
@ -122,7 +122,7 @@ To customize IKEv2 or client options, run this script without arguments.
|
|||||||
|
|
||||||
*Read this in other languages: [English](ikev2-howto.md#configure-ikev2-vpn-clients), [简体中文](ikev2-howto-zh.md#配置-ikev2-vpn-客户端).*
|
*Read this in other languages: [English](ikev2-howto.md#configure-ikev2-vpn-clients), [简体中文](ikev2-howto-zh.md#配置-ikev2-vpn-客户端).*
|
||||||
|
|
||||||
**Note:** To add or export IKEv2 client(s), run `sudo ikev2.sh`. Use `-h` to show usage information. IKEv2 client config files can be safely deleted after import.
|
**Note:** To add or export IKEv2 client(s), run `sudo ikev2.sh`. Use `-h` to show usage. IKEv2 client config files can be safely deleted after import.
|
||||||
|
|
||||||
* [Windows 7, 8, 10 and 11](#windows-7-8-10-and-11)
|
* [Windows 7, 8, 10 and 11](#windows-7-8-10-and-11)
|
||||||
* [OS X (macOS)](#os-x-macos)
|
* [OS X (macOS)](#os-x-macos)
|
||||||
@ -509,7 +509,7 @@ for the entire network, or use `192.168.0.10` for just one device, and so on.
|
|||||||
|
|
||||||
### List existing clients
|
### List existing clients
|
||||||
|
|
||||||
If you want to list the names of existing IKEv2 clients, run the [helper script](#set-up-ikev2-using-helper-script) with the `--listclients` option. Use option `-h` to show usage information.
|
To list the names of existing IKEv2 clients, run the helper script with the `--listclients` option. Use option `-h` to show usage.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --listclients
|
sudo ikev2.sh --listclients
|
||||||
@ -517,7 +517,7 @@ sudo ikev2.sh --listclients
|
|||||||
|
|
||||||
### Add a client certificate
|
### Add a client certificate
|
||||||
|
|
||||||
To generate certificates for additional IKEv2 clients, just run the [helper script](#set-up-ikev2-using-helper-script) again. To customize client certificate options, run the script without arguments.
|
To add certificates for additional IKEv2 clients, run the helper script with the `--addclient` option. To customize client options, run the script without arguments.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --addclient [client name]
|
sudo ikev2.sh --addclient [client name]
|
||||||
@ -527,7 +527,7 @@ Alternatively, you may manually add a client certificate. Refer to step 4 in [th
|
|||||||
|
|
||||||
### Export configuration for an existing client
|
### Export configuration for an existing client
|
||||||
|
|
||||||
By default, the IKEv2 [helper script](#set-up-ikev2-using-helper-script) exports client configuration after running. If later you want to export configuration for an existing client, you may use:
|
By default, the IKEv2 helper script exports client configuration after running. If later you want to export an existing client, you may use:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --exportclient [client name]
|
sudo ikev2.sh --exportclient [client name]
|
||||||
@ -575,7 +575,7 @@ To delete a client certificate:
|
|||||||
|
|
||||||
### Revoke a client certificate
|
### Revoke a client certificate
|
||||||
|
|
||||||
In certain circumstances, you may need to revoke a previously generated VPN client certificate. To revoke a certificate, run the helper script again and select the appropriate option. Or you may run:
|
In certain circumstances, you may need to revoke a previously generated VPN client certificate. To revoke a certificate, run the helper script.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --revokeclient [client name]
|
sudo ikev2.sh --revokeclient [client name]
|
||||||
@ -974,7 +974,7 @@ Before continuing, you **must** restart the IPsec service. The IKEv2 setup on th
|
|||||||
|
|
||||||
## Remove IKEv2
|
## Remove IKEv2
|
||||||
|
|
||||||
If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes (if installed), run the [helper script](#set-up-ikev2-using-helper-script) again and select the appropriate option. **Warning:** All IKEv2 configuration including certificates and keys will be **permanently deleted**. This **cannot be undone**!
|
If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes (if installed), run the helper script. **Warning:** All IKEv2 configuration including certificates and keys will be **permanently deleted**. This **cannot be undone**!
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh --removeikev2
|
sudo ikev2.sh --removeikev2
|
||||||
|
Loading…
Reference in New Issue
Block a user