Update docs
- Add/Update client configuration instructions for macOS 13 (Ventura) and newer. Ref: #1421.
This commit is contained in:
parent
f9a5a5ab33
commit
8a06d6d74c
@ -9,7 +9,7 @@ IPsec/XAuth 模式也称为 "Cisco IPsec"。该模式通常能够比 IPsec/L2TP
|
|||||||
---
|
---
|
||||||
* 平台名称
|
* 平台名称
|
||||||
* [Windows](#windows)
|
* [Windows](#windows)
|
||||||
* [OS X (macOS)](#os-x)
|
* [OS X (macOS)](#os-x-macos)
|
||||||
* [Android](#android)
|
* [Android](#android)
|
||||||
* [iOS (iPhone/iPad)](#ios)
|
* [iOS (iPhone/iPad)](#ios)
|
||||||
* [Linux](#linux)
|
* [Linux](#linux)
|
||||||
@ -38,7 +38,30 @@ IPsec/XAuth 模式也称为 "Cisco IPsec"。该模式通常能够比 IPsec/L2TP
|
|||||||
|
|
||||||
如果在连接过程中遇到错误,请参见 [故障排除](clients-zh.md#ikev1-故障排除)。
|
如果在连接过程中遇到错误,请参见 [故障排除](clients-zh.md#ikev1-故障排除)。
|
||||||
|
|
||||||
## OS X
|
## OS X (macOS)
|
||||||
|
|
||||||
|
### macOS 13 (Ventura) and newer
|
||||||
|
|
||||||
|
> 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/L2TP](clients-zh.md) 模式连接。
|
||||||
|
|
||||||
|
1. 打开系统设置并转到网络部分。
|
||||||
|
1. 在窗口右方单击 **VPN**。
|
||||||
|
1. 从 **添加VPN配置** 下拉菜单选择 **Cisco IPSec**。
|
||||||
|
1. 在打开的窗口中的 **显示名称** 字段中输入任意内容。
|
||||||
|
1. 在 **服务器地址** 字段中输入`你的 VPN 服务器 IP`。
|
||||||
|
1. 在 **帐户名称** 字段中输入`你的 VPN 用户名`。
|
||||||
|
1. 在 **密码** 字段中输入`你的 VPN 密码`。
|
||||||
|
1. 从 **类型** 下拉菜单选择 **共享密钥**。
|
||||||
|
1. 在 **共享密钥** 字段中输入`你的 VPN IPsec PSK`。
|
||||||
|
1. 保持 **群组名称** 字段空白。
|
||||||
|
1. 单击 **创建** 保存 VPN 连接信息。
|
||||||
|
1. 如果要在菜单栏显示 VPN 状态并快速访问相关设置,你可以转到系统设置的控制中心部分,滚动到页面底部并在 **VPN** 下拉菜单选择 **在菜单栏中显示**。
|
||||||
|
|
||||||
|
要连接到 VPN:使用菜单栏中的图标,或者打开系统设置的 **VPN** 部分并启用 VPN 连接。最后你可以到 [这里](https://www.ipchicken.com) 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
|
||||||
|
|
||||||
|
如果在连接过程中遇到错误,请参见 [故障排除](clients-zh.md#ikev1-故障排除)。
|
||||||
|
|
||||||
|
### macOS 12 (Monterey) and older
|
||||||
|
|
||||||
> 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/L2TP](clients-zh.md) 模式连接。
|
> 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/L2TP](clients-zh.md) 模式连接。
|
||||||
|
|
||||||
@ -56,7 +79,7 @@ IPsec/XAuth 模式也称为 "Cisco IPsec"。该模式通常能够比 IPsec/L2TP
|
|||||||
1. 保持 **群组名称** 字段空白。
|
1. 保持 **群组名称** 字段空白。
|
||||||
1. 单击 **好**。
|
1. 单击 **好**。
|
||||||
1. 选中 **在菜单栏中显示 VPN 状态** 复选框。
|
1. 选中 **在菜单栏中显示 VPN 状态** 复选框。
|
||||||
1. 单击 **应用** 保存VPN连接信息。
|
1. 单击 **应用** 保存 VPN 连接信息。
|
||||||
|
|
||||||
要连接到 VPN:使用菜单栏中的图标,或者打开系统偏好设置的网络部分,选择 VPN 并单击 **连接**。最后你可以到 [这里](https://www.ipchicken.com) 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
|
要连接到 VPN:使用菜单栏中的图标,或者打开系统偏好设置的网络部分,选择 VPN 并单击 **连接**。最后你可以到 [这里](https://www.ipchicken.com) 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@ IPsec/XAuth mode is also called "Cisco IPsec". This mode is generally **faster t
|
|||||||
---
|
---
|
||||||
* Platforms
|
* Platforms
|
||||||
* [Windows](#windows)
|
* [Windows](#windows)
|
||||||
* [OS X (macOS)](#os-x)
|
* [OS X (macOS)](#os-x-macos)
|
||||||
* [Android](#android)
|
* [Android](#android)
|
||||||
* [iOS (iPhone/iPad)](#ios)
|
* [iOS (iPhone/iPad)](#ios)
|
||||||
* [Linux](#linux)
|
* [Linux](#linux)
|
||||||
@ -38,7 +38,30 @@ Once connected, you will see **tunnel enabled** in the VPN Connect status window
|
|||||||
|
|
||||||
If you get an error when trying to connect, see [Troubleshooting](clients.md#ikev1-troubleshooting).
|
If you get an error when trying to connect, see [Troubleshooting](clients.md#ikev1-troubleshooting).
|
||||||
|
|
||||||
## OS X
|
## OS X (macOS)
|
||||||
|
|
||||||
|
### macOS 13 (Ventura) and newer
|
||||||
|
|
||||||
|
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/L2TP](clients.md) mode.
|
||||||
|
|
||||||
|
1. Open **System Settings** and go to the **Network** section.
|
||||||
|
1. Click **VPN** on the right hand side of the window.
|
||||||
|
1. Click the **Add VPN Configuration** drop-down menu and select **Cisco IPSec**.
|
||||||
|
1. In the window that opens, enter anything you like for the **Display name**.
|
||||||
|
1. Enter `Your VPN Server IP` for the **Server address**.
|
||||||
|
1. Enter `Your VPN Username` for the **Account name**.
|
||||||
|
1. Enter `Your VPN Password` for the **Password**.
|
||||||
|
1. Select **Shared secret** from the **Type** drop-down menu.
|
||||||
|
1. Enter `Your VPN IPsec PSK` for the **Shared secret**.
|
||||||
|
1. Leave the **Group name** field blank.
|
||||||
|
1. Click **Create** to save the VPN configuration.
|
||||||
|
1. To show VPN status in your menu bar and for shortcut access, go to the **Control Center** section of **System Settings**. Scroll to the bottom and select `Show in Menu Bar` from the **VPN** drop-down menu.
|
||||||
|
|
||||||
|
To connect to the VPN: Use the menu bar icon, or go to the **VPN** section of **System Settings** and toggle the switch for your VPN configuration. You can verify that your traffic is being routed properly by [looking up your IP address on Google](https://www.google.com/search?q=my+ip). It should say "Your public IP address is `Your VPN Server IP`".
|
||||||
|
|
||||||
|
If you get an error when trying to connect, see [Troubleshooting](clients.md#ikev1-troubleshooting).
|
||||||
|
|
||||||
|
### macOS 12 (Monterey) and older
|
||||||
|
|
||||||
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/L2TP](clients.md) mode.
|
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/L2TP](clients.md) mode.
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
---
|
---
|
||||||
* 平台名称
|
* 平台名称
|
||||||
* [Windows](#windows)
|
* [Windows](#windows)
|
||||||
* [OS X (macOS)](#os-x)
|
* [OS X (macOS)](#os-x-macos)
|
||||||
* [Android](#android)
|
* [Android](#android)
|
||||||
* [iOS (iPhone/iPad)](#ios)
|
* [iOS (iPhone/iPad)](#ios)
|
||||||
* [Chrome OS (Chromebook)](#chrome-os)
|
* [Chrome OS (Chromebook)](#chrome-os)
|
||||||
@ -107,7 +107,34 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
|
|||||||
|
|
||||||
如果在连接过程中遇到错误,请参见 [故障排除](#ikev1-故障排除)。
|
如果在连接过程中遇到错误,请参见 [故障排除](#ikev1-故障排除)。
|
||||||
|
|
||||||
## OS X
|
## OS X (macOS)
|
||||||
|
|
||||||
|
### macOS 13 (Ventura) and newer
|
||||||
|
|
||||||
|
> 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
||||||
|
|
||||||
|
1. 打开系统设置并转到网络部分。
|
||||||
|
1. 在窗口右方单击 **VPN**。
|
||||||
|
1. 从 **添加VPN配置** 下拉菜单选择 **L2TP/IPSec**。
|
||||||
|
1. 在打开的窗口中的 **显示名称** 字段中输入任意内容。
|
||||||
|
1. 保持 **配置** 为 **默认**。
|
||||||
|
1. 在 **服务器地址** 字段中输入`你的 VPN 服务器 IP`。
|
||||||
|
1. 在 **帐户名称** 字段中输入`你的 VPN 用户名`。
|
||||||
|
1. 从 **用户认证** 下拉菜单选择 **密码**。
|
||||||
|
1. 在 **密码** 字段中输入`你的 VPN 密码`。
|
||||||
|
1. 从 **机器认证** 下拉菜单选择 **共享密钥**。
|
||||||
|
1. 在 **共享密钥** 字段中输入`你的 VPN IPsec PSK`。
|
||||||
|
1. 保持 **群组名称** 字段空白。
|
||||||
|
1. **(重要)** 单击 **选项** 选项卡,并启用 **通过VPN连接发送所有流量**。
|
||||||
|
1. **(重要)** 单击 **TCP/IP** 选项卡,然后在 **配置IPv6** 下拉菜单选择 **仅本地链接**。
|
||||||
|
1. 单击 **创建** 保存 VPN 连接信息。
|
||||||
|
1. 如果要在菜单栏显示 VPN 状态并快速访问相关设置,你可以转到系统设置的控制中心部分,滚动到页面底部并在 **VPN** 下拉菜单选择 **在菜单栏中显示**。
|
||||||
|
|
||||||
|
要连接到 VPN:使用菜单栏中的图标,或者打开系统设置的 **VPN** 部分并启用 VPN 连接。最后你可以到 [这里](https://www.ipchicken.com) 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
|
||||||
|
|
||||||
|
如果在连接过程中遇到错误,请参见 [故障排除](#ikev1-故障排除)。
|
||||||
|
|
||||||
|
### macOS 12 (Monterey) and older
|
||||||
|
|
||||||
> 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
> 你也可以使用 [IKEv2](ikev2-howto-zh.md)(推荐)或者 [IPsec/XAuth](clients-xauth-zh.md) 模式连接。
|
||||||
|
|
||||||
@ -127,7 +154,7 @@ Add-VpnConnection -Name 'My IPsec VPN' -ServerAddress '你的 VPN 服务器 IP'
|
|||||||
1. 选中 **在菜单栏中显示 VPN 状态** 复选框。
|
1. 选中 **在菜单栏中显示 VPN 状态** 复选框。
|
||||||
1. **(重要)** 单击 **高级** 按钮,并选中 **通过VPN连接发送所有通信** 复选框。
|
1. **(重要)** 单击 **高级** 按钮,并选中 **通过VPN连接发送所有通信** 复选框。
|
||||||
1. **(重要)** 单击 **TCP/IP** 选项卡,并在 **配置IPv6** 部分中选择 **仅本地链接**。
|
1. **(重要)** 单击 **TCP/IP** 选项卡,并在 **配置IPv6** 部分中选择 **仅本地链接**。
|
||||||
1. 单击 **好** 关闭高级设置,然后单击 **应用** 保存VPN连接信息。
|
1. 单击 **好** 关闭高级设置,然后单击 **应用** 保存 VPN 连接信息。
|
||||||
|
|
||||||
要连接到 VPN:使用菜单栏中的图标,或者打开系统偏好设置的网络部分,选择 VPN 并单击 **连接**。最后你可以到 [这里](https://www.ipchicken.com) 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
|
要连接到 VPN:使用菜单栏中的图标,或者打开系统偏好设置的网络部分,选择 VPN 并单击 **连接**。最后你可以到 [这里](https://www.ipchicken.com) 检测你的 IP 地址,应该显示为`你的 VPN 服务器 IP`。
|
||||||
|
|
||||||
@ -597,7 +624,7 @@ echo 1 > /proc/sys/net/ipv4/ip_no_pmtu_disc
|
|||||||
|
|
||||||
### macOS 通过 VPN 发送通信
|
### macOS 通过 VPN 发送通信
|
||||||
|
|
||||||
OS X (macOS) 用户: 如果可以成功地使用 IPsec/L2TP 模式连接,但是你的公有 IP 没有显示为 `你的 VPN 服务器 IP`,请阅读上面的 [OS X](#os-x) 部分并完成以下步骤。保存 VPN 配置然后重新连接。
|
OS X (macOS) 用户: 如果可以成功地使用 IPsec/L2TP 模式连接,但是你的公有 IP 没有显示为 `你的 VPN 服务器 IP`,请阅读上面的 [macOS](#os-x-macos) 部分并完成以下步骤。保存 VPN 配置然后重新连接。
|
||||||
|
|
||||||
1. 单击 **高级** 按钮,并选中 **通过VPN连接发送所有通信** 复选框。
|
1. 单击 **高级** 按钮,并选中 **通过VPN连接发送所有通信** 复选框。
|
||||||
1. 单击 **TCP/IP** 选项卡,并在 **配置IPv6** 部分中选择 **仅本地链接**。
|
1. 单击 **TCP/IP** 选项卡,并在 **配置IPv6** 部分中选择 **仅本地链接**。
|
||||||
|
@ -7,7 +7,7 @@ After [setting up your own VPN server](https://github.com/hwdsl2/setup-ipsec-vpn
|
|||||||
---
|
---
|
||||||
* Platforms
|
* Platforms
|
||||||
* [Windows](#windows)
|
* [Windows](#windows)
|
||||||
* [OS X (macOS)](#os-x)
|
* [OS X (macOS)](#os-x-macos)
|
||||||
* [Android](#android)
|
* [Android](#android)
|
||||||
* [iOS (iPhone/iPad)](#ios)
|
* [iOS (iPhone/iPad)](#ios)
|
||||||
* [Chrome OS (Chromebook)](#chrome-os)
|
* [Chrome OS (Chromebook)](#chrome-os)
|
||||||
@ -107,7 +107,34 @@ To connect to the VPN: Click on the wireless/network icon in your system tray, s
|
|||||||
|
|
||||||
If you get an error when trying to connect, see [Troubleshooting](#ikev1-troubleshooting).
|
If you get an error when trying to connect, see [Troubleshooting](#ikev1-troubleshooting).
|
||||||
|
|
||||||
## OS X (Pre 13.x Ventura)
|
## OS X (macOS)
|
||||||
|
|
||||||
|
### macOS 13 (Ventura) and newer
|
||||||
|
|
||||||
|
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
||||||
|
|
||||||
|
1. Open **System Settings** and go to the **Network** section.
|
||||||
|
1. Click **VPN** on the right hand side of the window.
|
||||||
|
1. Click the **Add VPN Configuration** drop-down menu and select **L2TP over IPSec**.
|
||||||
|
1. In the window that opens, enter anything you like for the **Display name**.
|
||||||
|
1. Leave **Configuration** as **Default**.
|
||||||
|
1. Enter `Your VPN Server IP` for the **Server address**.
|
||||||
|
1. Enter `Your VPN Username` for the **Account name**.
|
||||||
|
1. Select **Password** from the **User authentication** drop-down menu.
|
||||||
|
1. Enter `Your VPN Password` for the **Password**.
|
||||||
|
1. Select **Shared secret** from the **Machine authentication** drop-down menu.
|
||||||
|
1. Enter `Your VPN IPsec PSK` for the **Shared secret**.
|
||||||
|
1. Leave the **Group name** field blank.
|
||||||
|
1. **(Important before you click create)** Click the **Options** tab, and make sure the **Send all traffic over VPN connection** toggle is ON.
|
||||||
|
1. **(Important before you click create)** Click the **TCP/IP** tab, and select **Link-local only** from the **Configure IPv6** drop-down menu.
|
||||||
|
1. Click **Create** to save the VPN configuration.
|
||||||
|
1. To show VPN status in your menu bar and for shortcut access, go to the **Control Center** section of **System Settings**. Scroll to the bottom and select `Show in Menu Bar` from the **VPN** drop-down menu.
|
||||||
|
|
||||||
|
To connect to the VPN: Use the menu bar icon, or go to the **VPN** section of **System Settings** and toggle the switch for your VPN configuration. You can verify that your traffic is being routed properly by [looking up your IP address on Google](https://www.google.com/search?q=my+ip). It should say "Your public IP address is `Your VPN Server IP`".
|
||||||
|
|
||||||
|
If you get an error when trying to connect, see [Troubleshooting](#ikev1-troubleshooting).
|
||||||
|
|
||||||
|
### macOS 12 (Monterey) and older
|
||||||
|
|
||||||
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
||||||
|
|
||||||
@ -132,31 +159,6 @@ To connect to the VPN: Use the menu bar icon, or go to the Network section of Sy
|
|||||||
|
|
||||||
If you get an error when trying to connect, see [Troubleshooting](#ikev1-troubleshooting).
|
If you get an error when trying to connect, see [Troubleshooting](#ikev1-troubleshooting).
|
||||||
|
|
||||||
## OS X 13.x +
|
|
||||||
|
|
||||||
> You may also connect using [IKEv2](ikev2-howto.md) (recommended) or [IPsec/XAuth](clients-xauth.md) mode.
|
|
||||||
|
|
||||||
1. Open **System Settings** and go to the **Network** section.
|
|
||||||
1. Click the **VPN** button on the right hand side of the window.
|
|
||||||
1. Click the **Add VPN Configuration** drop-down menu and select **L2TP over IPSec**.
|
|
||||||
1. In the window that opens enter anything you like for the **Display Name**.
|
|
||||||
1. Leave **Configuration** as `Default`
|
|
||||||
1. Enter `Your VPN Server IP` for the **Server Address**.
|
|
||||||
1. Enter `Your VPN Username` for the **Account Name**.
|
|
||||||
1. For **User Authentication** leave the dropdown selection on `Password`
|
|
||||||
1. For **Password** enter `Your VPN Password`.
|
|
||||||
1. For **Machine Authentication**, select the **Shared Secret** from the dropdown
|
|
||||||
1. For **Shared Secret** enter `Your VPN IPsec PSK`.
|
|
||||||
1. Leave **Group Name** empty
|
|
||||||
1. **(Important before you click create)** Click the **Options** tab and make sure the **Send all traffic over VPN connection** toggle is on.
|
|
||||||
1. **(Important before you click create)** Click the **TCP/IP** tab, and make sure **Link-local only** is selected in the **Configure IPv6** drop down.
|
|
||||||
1. Click **Create** to save yoiur configuration and close the settings window
|
|
||||||
1. To show the VPN status in your menu bar and for shortcut access go into **System Settings** and to the **Control Centre** section. Scroll to the bottom and choose `Show in menu bar` from the dropdown.
|
|
||||||
|
|
||||||
To connect to the VPN: Use the menu bar icon, or go to the **Network** section of **System Settings**, select the **VPN** and toggle the switch for your VPN configuration. You can verify that your traffic is being routed properly by [looking up your IP address on Google](https://www.google.com/search?q=my+ip). It should say "Your public IP address is `Your VPN Server IP`".
|
|
||||||
|
|
||||||
If you get an error when trying to connect, see [Troubleshooting](#ikev1-troubleshooting).
|
|
||||||
|
|
||||||
## Android
|
## Android
|
||||||
|
|
||||||
**Important:** Android users should instead connect using [IKEv2 mode](ikev2-howto.md) (recommended), which is more secure. Android 12+ only supports IKEv2 mode. The native VPN client in Android uses the less secure `modp1024` (DH group 2) for the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes.
|
**Important:** Android users should instead connect using [IKEv2 mode](ikev2-howto.md) (recommended), which is more secure. Android 12+ only supports IKEv2 mode. The native VPN client in Android uses the less secure `modp1024` (DH group 2) for the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes.
|
||||||
@ -620,7 +622,7 @@ If your Android 6.x or 7.x device cannot connect, try these steps:
|
|||||||
|
|
||||||
### macOS send traffic over VPN
|
### macOS send traffic over VPN
|
||||||
|
|
||||||
OS X (macOS) users: If you can successfully connect using IPsec/L2TP mode, but your public IP does not show `Your VPN Server IP`, read the [OS X](#os-x) section above and complete these steps. Save VPN configuration and re-connect.
|
OS X (macOS) users: If you can successfully connect using IPsec/L2TP mode, but your public IP does not show `Your VPN Server IP`, read the [macOS](#os-x-macos) section above and complete these steps. Save VPN configuration and re-connect.
|
||||||
|
|
||||||
1. Click the **Advanced** button and make sure the **Send all traffic over VPN connection** checkbox is checked.
|
1. Click the **Advanced** button and make sure the **Send all traffic over VPN connection** checkbox is checked.
|
||||||
1. Click the **TCP/IP** tab, and make sure **Link-local only** is selected in the **Configure IPv6** section.
|
1. Click the **TCP/IP** tab, and make sure **Link-local only** is selected in the **Configure IPv6** section.
|
||||||
|
Loading…
Reference in New Issue
Block a user