From e2cad5c7b8640487ca09f6d3703a477364d63e8c Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Thu, 14 Nov 2024 19:41:33 -0600 Subject: [PATCH] Update docs - Update instructions for assigning static IPs to IKEv2 VPN clients. - Closes #1613. Thanks @huangqingchao for the suggestion. --- docs/advanced-usage-zh.md | 2 +- docs/advanced-usage.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/advanced-usage-zh.md b/docs/advanced-usage-zh.md index 425a036..8b22b6a 100644 --- a/docs/advanced-usage-zh.md +++ b/docs/advanced-usage-zh.md @@ -185,7 +185,7 @@ IKEv2 模式:为 VPN 客户端分配静态 IP **注:** 为要分配静态 IP 的每个客户端添加一个新的 `conn` 小节。`rightid=` 右边的客户端名称必须添加 `@` 前缀。该客户端名称必须与你在[添加客户端证书](ikev2-howto-zh.md#添加客户端证书)时指定的名称完全一致。分配的静态 IP 必须来自子网 `192.168.43.0/24`,并且必须 **不是** 来自自动分配的 IP 地址池(参见上面的 `rightaddresspool`)。在上面的示例中,你只能分配 `192.168.43.1-192.168.43.99` 范围内的静态 IP。 - **注:** 对于 Windows 7/8/10/11 客户端,你必须对 `rightid=` 使用不同的语法。例如,如果客户端名称为 `client1`,则在上面的示例中设置 `rightid="CN=client1, O=IKEv2 VPN"`。 + **注:** 对于 Windows 7/8/10/11 和 [RouterOS](ikev2-howto-zh.md#routeros) 客户端,你必须对 `rightid=` 使用不同的语法。例如,如果客户端名称为 `client1`,则在上面的示例中设置 `rightid="CN=client1, O=IKEv2 VPN"`。 1. **(重要)** 重启 IPsec 服务: ``` service ipsec restart diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 07baad7..79b73fe 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -185,7 +185,7 @@ The example below **ONLY** applies to IKEv2 mode. Commands must be run as `root` **Note:** Add a new `conn` section for each client that you want to assign a static IP to. You must add a `@` prefix to the client name for `rightid=`. The client name must exactly match the name you specified when [adding the client certificate](ikev2-howto.md#add-a-client-certificate). The assigned static IP(s) must be from the subnet `192.168.43.0/24`, and must NOT be from the pool of auto-assigned IPs (see `rightaddresspool` above). In the example above, you can only assign static IP(s) from the range `192.168.43.1-192.168.43.99`. - **Note:** For Windows 7/8/10/11 clients, you must use a different syntax for `rightid=`. For example, if the client name is `client1`, set `rightid="CN=client1, O=IKEv2 VPN"` in the example above. + **Note:** For Windows 7/8/10/11 and [RouterOS](ikev2-howto.md#routeros) clients, you must use a different syntax for `rightid=`. For example, if the client name is `client1`, set `rightid="CN=client1, O=IKEv2 VPN"` in the example above. 1. **(Important)** Restart the IPsec service: ``` service ipsec restart