Update docs
This commit is contained in:
hwdsl2
parent
10f09bbab6
commit
dc1bcb21f9
@ -297,7 +297,7 @@ sudo bash /opt/src/ikev2.sh --auto
|
|||||||
|
|
||||||
## 升级Libreswan
|
## 升级Libreswan
|
||||||
|
|
||||||
在 <a href="extras/" target="_blank">extras/</a> 目录提供额外的脚本,可用于升级 <a href="https://libreswan.org" target="_blank">Libreswan</a>(<a href="https://github.com/libreswan/libreswan/blob/master/CHANGES" target="_blank">更新日志</a> | <a href="https://lists.libreswan.org/mailman/listinfo/swan-announce" target="_blank">通知列表</a>)。请在运行前根据需要修改 `SWAN_VER` 变量。查看已安装版本: `ipsec --version`.
|
在 <a href="extras/" target="_blank">extras/</a> 目录提供额外的脚本,可用于升级 <a href="https://libreswan.org" target="_blank">Libreswan</a>(<a href="https://github.com/libreswan/libreswan/blob/master/CHANGES" target="_blank">更新日志</a> | <a href="https://lists.libreswan.org/mailman/listinfo/swan-announce" target="_blank">通知列表</a>)。请在运行前根据需要修改 `SWAN_VER` 变量。目前支持的最新版本是 `4.3`。查看已安装版本:`ipsec --version`。
|
||||||
|
|
||||||
<details open>
|
<details open>
|
||||||
<summary>
|
<summary>
|
||||||
|
|||||||
@ -297,7 +297,7 @@ The scripts will backup existing config files before making changes, with `.old-
|
|||||||
|
|
||||||
## Upgrade Libreswan
|
## Upgrade Libreswan
|
||||||
|
|
||||||
The additional scripts in <a href="extras/" target="_blank">extras/</a> can be used to upgrade <a href="https://libreswan.org" target="_blank">Libreswan</a> (<a href="https://github.com/libreswan/libreswan/blob/master/CHANGES" target="_blank">changelog</a> | <a href="https://lists.libreswan.org/mailman/listinfo/swan-announce" target="_blank">announce</a>). Edit the `SWAN_VER` variable as necessary. Check which version is installed: `ipsec --version`.
|
The additional scripts in <a href="extras/" target="_blank">extras/</a> can be used to upgrade <a href="https://libreswan.org" target="_blank">Libreswan</a> (<a href="https://github.com/libreswan/libreswan/blob/master/CHANGES" target="_blank">changelog</a> | <a href="https://lists.libreswan.org/mailman/listinfo/swan-announce" target="_blank">announce</a>). Edit the `SWAN_VER` variable as necessary. The latest supported version is `4.3`. Check which version is installed: `ipsec --version`.
|
||||||
|
|
||||||
<details open>
|
<details open>
|
||||||
<summary>
|
<summary>
|
||||||
|
|||||||
@ -82,10 +82,10 @@ sudo VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 bash ikev2.sh --auto
|
|||||||
Usage: bash ikev2.sh [options]
|
Usage: bash ikev2.sh [options]
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
--auto run IKEv2 setup in auto mode using default options (for initial IKEv2 setup only)
|
--auto run IKEv2 setup in auto mode using default options (for initial setup only)
|
||||||
--addclient [client name] add a new IKEv2 client using default options (after IKEv2 setup)
|
--addclient [client name] add a new client using default options (after IKEv2 setup)
|
||||||
--exportclient [client name] export an existing IKEv2 client using default options (after IKEv2 setup)
|
--exportclient [client name] export configuration for an existing client (after IKEv2 setup)
|
||||||
--listclients list the names of existing IKEv2 clients (after IKEv2 setup)
|
--listclients list the names of existing clients (after IKEv2 setup)
|
||||||
--removeikev2 remove IKEv2 and delete all certificates and keys from the IPsec database
|
--removeikev2 remove IKEv2 and delete all certificates and keys from the IPsec database
|
||||||
-h, --help show this help message and exit
|
-h, --help show this help message and exit
|
||||||
|
|
||||||
@ -386,9 +386,9 @@ sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.key
|
|||||||
首先,请阅读上面的重要说明。然后点这里查看详情。
|
首先,请阅读上面的重要说明。然后点这里查看详情。
|
||||||
</summary>
|
</summary>
|
||||||
|
|
||||||
**重要:** 请先阅读上面的重要说明。如果你仍然想要删除证书,参见下面的步骤。
|
**重要:** 请先阅读上面的重要说明。如果你仍然想要删除证书,参见下面的步骤。此操作 **不可撤销**!
|
||||||
|
|
||||||
如果要从 IPsec 数据库删除一个客户端证书:
|
如果要删除一个客户端证书:
|
||||||
|
|
||||||
1. 列出 IPsec 证书数据库中的证书:
|
1. 列出 IPsec 证书数据库中的证书:
|
||||||
|
|
||||||
@ -768,7 +768,7 @@ apt-get -y install "./libnss3_3.49.1-1ubuntu1.5_amd64.deb" \
|
|||||||
|
|
||||||
## 移除 IKEv2
|
## 移除 IKEv2
|
||||||
|
|
||||||
如果你想要从 VPN 服务器移除 IKEv2,但是保留 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式,请重新运行 [辅助脚本](#使用辅助脚本) 并选择 "Remove IKEv2" 选项。请注意,这将删除所有的 IKEv2 配置(包括证书和密钥),并且**不可撤销**!
|
如果你想要从 VPN 服务器移除 IKEv2,但是保留 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式(如果已安装),请重新运行 [辅助脚本](#使用辅助脚本) 并选择 "Remove IKEv2" 选项。请注意,这将删除所有的 IKEv2 配置(包括证书和密钥),并且**不可撤销**!
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
<summary>
|
<summary>
|
||||||
|
|||||||
@ -82,10 +82,10 @@ Click here to view usage information for the IKEv2 helper script.
|
|||||||
Usage: bash ikev2.sh [options]
|
Usage: bash ikev2.sh [options]
|
||||||
|
|
||||||
Options:
|
Options:
|
||||||
--auto run IKEv2 setup in auto mode using default options (for initial IKEv2 setup only)
|
--auto run IKEv2 setup in auto mode using default options (for initial setup only)
|
||||||
--addclient [client name] add a new IKEv2 client using default options (after IKEv2 setup)
|
--addclient [client name] add a new client using default options (after IKEv2 setup)
|
||||||
--exportclient [client name] export an existing IKEv2 client using default options (after IKEv2 setup)
|
--exportclient [client name] export configuration for an existing client (after IKEv2 setup)
|
||||||
--listclients list the names of existing IKEv2 clients (after IKEv2 setup)
|
--listclients list the names of existing clients (after IKEv2 setup)
|
||||||
--removeikev2 remove IKEv2 and delete all certificates and keys from the IPsec database
|
--removeikev2 remove IKEv2 and delete all certificates and keys from the IPsec database
|
||||||
-h, --help show this help message and exit
|
-h, --help show this help message and exit
|
||||||
|
|
||||||
@ -388,9 +388,9 @@ By default, the [IKEv2 helper script](#using-helper-scripts) exports client conf
|
|||||||
First, read the important note above. Then click here for instructions.
|
First, read the important note above. Then click here for instructions.
|
||||||
</summary>
|
</summary>
|
||||||
|
|
||||||
**Important:** Please first read the important note above. If you still want to delete a certificate, refer to the steps below.
|
**Important:** Please first read the important note above. If you still want to delete a certificate, refer to the steps below. This action **cannot be undone**!
|
||||||
|
|
||||||
To delete a client certificate from the IPsec database:
|
To delete a client certificate:
|
||||||
|
|
||||||
1. List certificates in the IPsec database:
|
1. List certificates in the IPsec database:
|
||||||
|
|
||||||
@ -770,7 +770,7 @@ Click <a href="clients.md#troubleshooting" target="_blank">here</a> for addition
|
|||||||
|
|
||||||
## Remove IKEv2
|
## Remove IKEv2
|
||||||
|
|
||||||
If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes, run the [helper script](#using-helper-scripts) again and select the "Remove IKEv2" option. Note that this will delete all IKEv2 configuration including certificates and keys, and **cannot be undone**!
|
If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes (if installed), run the [helper script](#using-helper-scripts) again and select the "Remove IKEv2" option. Note that this will delete all IKEv2 configuration including certificates and keys, and **cannot be undone**!
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
<summary>
|
<summary>
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user