From c6cfd1fe49c0a10ad4b7f2378649936bd3b98f55 Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Wed, 28 Jul 2021 23:33:29 -0500 Subject: [PATCH] Update docs --- README-zh.md | 33 +++++++++++++++------------------ README.md | 33 +++++++++++++++------------------ docs/clients-zh.md | 2 ++ docs/clients.md | 2 ++ 4 files changed, 34 insertions(+), 36 deletions(-) diff --git a/README-zh.md b/README-zh.md index e0a1cf6..8bd3238 100644 --- a/README-zh.md +++ b/README-zh.md @@ -87,30 +87,27 @@ wget https://git.io/vpnsetup-amzn -O vpn.sh && sudo sh vpn.sh && sudo ikev2.sh - ## 系统要求 -一个新创建的 [Amazon EC2](https://aws.amazon.com/ec2/) 实例,使用这些映像之一。你可以使用 [CloudFormation](aws/README-zh.md) 或者 [用户数据](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup) 快速部署,或者 [手动部署](#安装说明)。参见 [EC2 定价细节](https://aws.amazon.com/cn/ec2/pricing/)。 -- [Ubuntu 20.04 (Focal) 或者 18.04 (Bionic)](https://cloud-images.ubuntu.com/locator/) -- [Debian 10 (Buster)](https://wiki.debian.org/Cloud/AmazonEC2Image)[\*](#debian-10-note)[ 或者 9 (Stretch)](https://wiki.debian.org/Cloud/AmazonEC2Image) -- [CentOS 8](https://wiki.centos.org/Cloud/AWS)[\*\*](#centos-8-note)[ 或者 7](https://wiki.centos.org/Cloud/AWS) -- [Rocky Linux 8](https://aws.amazon.com/marketplace/seller-profile?id=01538adc-2664-49d5-b926-3381dffce12d) -- [Red Hat Enterprise Linux (RHEL) 8 或者 7](https://aws.amazon.com/partners/redhat/faqs/) -- [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/) +一个专用服务器或者虚拟专用服务器 (VPS),全新安装以下操作系统之一: -**-或者-** +- Ubuntu 20.04 (Focal) 或者 18.04 (Bionic) +- Debian 10 (Buster)[\*](#debian-10-note) 或者 9 (Stretch) +- CentOS 8[\*\*](#centos-8-note) 或者 7 +- Rocky Linux 8 +- Red Hat Enterprise Linux (RHEL) 8 或者 7 +- Amazon Linux 2 -一个专用服务器或者虚拟专用服务器 (VPS),全新安装以上操作系统之一。OpenVZ VPS 不受支持,用户可以另外尝试 [OpenVPN](https://github.com/Nyr/openvpn-install)。 - -这也包括各种公共云服务中的 Linux 虚拟机,比如 [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) 和 [IBM Cloud](https://www.ibm.com/cloud/virtual-servers)。 +这也包括各种公共云服务中的 Linux 虚拟机,比如 [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) 和 [IBM Cloud](https://www.ibm.com/cloud/virtual-servers)。[Amazon EC2](https://aws.amazon.com/ec2/) 用户可以使用 [CloudFormation](aws/README-zh.md) 或者 [用户数据](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup) 快速部署。 [![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README-zh.md) [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README-zh.md) [![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com/) [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239) [**» 我想建立并使用自己的 VPN ,但是没有可用的服务器**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps) -另外,你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在一个 [Raspberry Pi](https://www.raspberrypi.org) 上搭建 VPN 服务器。参见 [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/)。 +另外,你也可以使用预构建的 [Docker 镜像](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md)。高级用户可以在一个 [Raspberry Pi](https://www.raspberrypi.org) 上搭建 VPN 服务器。[[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/) -\* Debian 10 用户需要 [使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。如果在 EC2 上使用 Debian 10,你必须首先换用标准的 Linux 内核,然后运行 VPN 安装脚本。 +\* Debian 10 用户需要 [使用标准的 Linux 内核](docs/clients-zh.md#debian-10-内核)。 -\*\* CentOS Linux 8 的支持 [将于2021年12月31日结束](https://wiki.centos.org/About/Product)。 +\*\* CentOS Linux 8 的支持将于 2021 年 12 月 31 日 [结束](https://wiki.centos.org/About/Product)。 :warning: **不要** 在你的 PC 或者 Mac 上运行这些脚本!它们只能用在服务器上! @@ -272,12 +269,12 @@ sudo ikev2.sh --auto 配置你的计算机或其它设备使用 VPN 。请参见: +[**IKEv2 VPN 配置和使用指南**](docs/ikev2-howto-zh.md) + [**配置 IPsec/L2TP VPN 客户端**](docs/clients-zh.md) [**配置 IPsec/XAuth ("Cisco IPsec") VPN 客户端**](docs/clients-xauth-zh.md) -[**IKEv2 VPN 配置和使用指南**](docs/ikev2-howto-zh.md) - 如果在连接过程中遇到错误,请参见 [故障排除](docs/clients-zh.md#故障排除)。 开始使用自己的专属 VPN ! :sparkles::tada::rocket::sparkles: @@ -290,9 +287,9 @@ sudo ikev2.sh --auto **Android 用户** 如果遇到连接问题,请尝试 [这些步骤](docs/clients-zh.md#android-mtumss-问题)。 -同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性,如果需要同时连接在同一个 NAT(比如家用路由器)后面的多个设备到 VPN 服务器,你必须仅使用 [IPsec/XAuth 模式](docs/clients-xauth-zh.md),或者 [配置 IKEv2](docs/ikev2-howto-zh.md)。 +同一个 VPN 账户可以在你的多个设备上使用。但是由于 IPsec/L2TP 的局限性,如果需要同时连接在同一个 NAT(比如家用路由器)后面的多个设备到 VPN 服务器,你必须仅使用 [IKEv2](docs/ikev2-howto-zh.md) 或者 [IPsec/XAuth](docs/clients-xauth-zh.md) 模式。 -如果需要查看或更改 VPN 用户账户,请参见 [管理 VPN 用户](docs/manage-users-zh.md)。该文档包含辅助脚本,以方便管理 VPN 用户。 +要查看或更改 VPN 用户账户,请参见 [管理 VPN 用户](docs/manage-users-zh.md)。该文档包含辅助脚本,以方便管理 VPN 用户。 对于有外部防火墙的服务器(比如 [EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html)/[GCE](https://cloud.google.com/vpc/docs/firewalls)),请为 VPN 打开 UDP 端口 500 和 4500。阿里云用户请参见 [#433](https://github.com/hwdsl2/setup-ipsec-vpn/issues/433)。 diff --git a/README.md b/README.md index 88ef9ec..7c4fb2b 100644 --- a/README.md +++ b/README.md @@ -87,30 +87,27 @@ A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is ## Requirements -A newly created [Amazon EC2](https://aws.amazon.com/ec2/) instance, from one of these images. You may deploy rapidly using [CloudFormation](aws/README.md) or [user data](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup), or [manually deploy](#installation). Refer to [EC2 pricing](https://aws.amazon.com/ec2/pricing/). -- [Ubuntu 20.04 (Focal) or 18.04 (Bionic)](https://cloud-images.ubuntu.com/locator/) -- [Debian 10 (Buster)](https://wiki.debian.org/Cloud/AmazonEC2Image)[\*](#debian-10-note)[ or 9 (Stretch)](https://wiki.debian.org/Cloud/AmazonEC2Image) -- [CentOS 8](https://wiki.centos.org/Cloud/AWS)[\*\*](#centos-8-note)[ or 7](https://wiki.centos.org/Cloud/AWS) -- [Rocky Linux 8](https://aws.amazon.com/marketplace/seller-profile?id=01538adc-2664-49d5-b926-3381dffce12d) -- [Red Hat Enterprise Linux (RHEL) 8 or 7](https://aws.amazon.com/partners/redhat/faqs/) -- [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/) +A dedicated server or virtual private server (VPS), freshly installed with one of the following OS: -**-OR-** +- Ubuntu 20.04 (Focal) or 18.04 (Bionic) +- Debian 10 (Buster)[\*](#debian-10-note) or 9 (Stretch) +- CentOS 8[\*\*](#centos-8-note) or 7 +- Rocky Linux 8 +- Red Hat Enterprise Linux (RHEL) 8 or 7 +- Amazon Linux 2 -A dedicated server or virtual private server (VPS), freshly installed with one of the above OS. OpenVZ VPS is not supported, users could instead try [OpenVPN](https://github.com/Nyr/openvpn-install). - -This also includes Linux VMs in public clouds, such as [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) and [IBM Cloud](https://www.ibm.com/cloud/virtual-servers). +This also includes Linux VMs in public clouds, such as [DigitalOcean](https://blog.ls20.com/digitalocean), [Vultr](https://blog.ls20.com/vultr), [Linode](https://blog.ls20.com/linode), [Google Compute Engine](https://cloud.google.com/compute/), [Amazon Lightsail](https://aws.amazon.com/lightsail/), [Microsoft Azure](https://azure.microsoft.com), [OVH](https://www.ovhcloud.com/en/vps/) and [IBM Cloud](https://www.ibm.com/cloud/virtual-servers). [Amazon EC2](https://aws.amazon.com/ec2/) users can deploy rapidly using [CloudFormation](aws/README.md) or [user data](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup). [![Deploy to AWS](docs/images/aws-deploy-button.png)](aws/README.md) [![Deploy to Azure](docs/images/azure-deploy-button.png)](azure/README.md) [![Deploy to DigitalOcean](docs/images/do-install-button.png)](http://dovpn.carlfriess.com/) [![Deploy to Linode](docs/images/linode-deploy-button.png)](https://cloud.linode.com/stackscripts/37239) [**» I want to run my own VPN but don't have a server for that**](https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#gettingavps) -A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is also available. Advanced users can set up the VPN server on a [Raspberry Pi](https://www.raspberrypi.org). See [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/). +A pre-built [Docker image](https://github.com/hwdsl2/docker-ipsec-vpn-server) is also available. Advanced users can set up the VPN server on a [Raspberry Pi](https://www.raspberrypi.org). [[1]](https://elasticbyte.net/posts/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/) [[2]](https://www.stewright.me/2018/07/create-a-raspberry-pi-vpn-server-using-l2tpipsec/) -\* Debian 10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel). If using Debian 10 on EC2, you must first switch to the standard Linux kernel before running the VPN setup script. +\* Debian 10 users should [use the standard Linux kernel](docs/clients.md#debian-10-kernel). -\*\* Support for CentOS Linux 8 [will end on December 31, 2021](https://wiki.centos.org/About/Product). +\*\* Support for CentOS Linux 8 [will end](https://wiki.centos.org/About/Product) on December 31, 2021. :warning: **DO NOT** run these scripts on your PC or Mac! They should only be used on a server! @@ -272,12 +269,12 @@ sudo ikev2.sh --auto Get your computer or device to use the VPN. Please refer to: +[**Guide: How to Set Up and Use IKEv2 VPN**](docs/ikev2-howto.md) + [**Configure IPsec/L2TP VPN Clients**](docs/clients.md) [**Configure IPsec/XAuth ("Cisco IPsec") VPN Clients**](docs/clients-xauth.md) -[**Guide: How to Set Up and Use IKEv2 VPN**](docs/ikev2-howto.md) - If you get an error when trying to connect, see [Troubleshooting](docs/clients.md#troubleshooting). Enjoy your very own VPN! :sparkles::tada::rocket::sparkles: @@ -290,9 +287,9 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles: **Android users**: If you encounter connection issues, try [these steps](docs/clients.md#android-mtumss-issues). -The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only [IPsec/XAuth mode](docs/clients-xauth.md), or [set up IKEv2](docs/ikev2-howto.md). +The same VPN account can be used by your multiple devices. However, due to an IPsec/L2TP limitation, if you wish to connect multiple devices simultaneously from behind the same NAT (e.g. home router), you must use only [IKEv2](docs/ikev2-howto.md) or [IPsec/XAuth](docs/clients-xauth.md) mode. -If you wish to view or update VPN user accounts, see [Manage VPN users](docs/manage-users.md). Helper scripts are included for convenience. +To view or update VPN user accounts, see [Manage VPN users](docs/manage-users.md). Helper scripts are included for convenience. For servers with an external firewall (e.g. [EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html)/[GCE](https://cloud.google.com/vpc/docs/firewalls)), open UDP ports 500 and 4500 for the VPN. Aliyun users, see [#433](https://github.com/hwdsl2/setup-ipsec-vpn/issues/433). diff --git a/docs/clients-zh.md b/docs/clients-zh.md index 308e16e..f66b758 100644 --- a/docs/clients-zh.md +++ b/docs/clients-zh.md @@ -368,6 +368,8 @@ Debian 10 用户:运行 `uname -r` 以检查你的服务器的 Linux 内核版 要解决此问题,你可以换用标准的 Linux 内核,通过安装比如 `linux-image-amd64` 软件包来实现。然后更新 GRUB 的内核默认值并重启服务器。最后重新运行 VPN 安装脚本。 +如果在 [Amazon EC2](https://aws.amazon.com/ec2/) 上使用 Debian 10,你必须首先换用标准的 Linux 内核,然后运行 VPN 安装脚本。 + ### 其它错误 如果你遇到其它错误,请参见以下链接: diff --git a/docs/clients.md b/docs/clients.md index c35af98..d2cc6a0 100644 --- a/docs/clients.md +++ b/docs/clients.md @@ -367,6 +367,8 @@ Debian 10 users: Run `uname -r` to check your server's Linux kernel version. If To fix, you may switch to the standard Linux kernel by installing e.g. the `linux-image-amd64` package. Then update the default kernel in GRUB and reboot your server. Finally, re-run the VPN setup script. +If using Debian 10 on [Amazon EC2](https://aws.amazon.com/ec2/), you must first switch to the standard Linux kernel before running the VPN setup script. + ### Other errors If you encounter other errors, refer to the links below: