From f5cc2a397b8de57fed73fe0e01a889cd4b68884d Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Tue, 1 Mar 2022 00:03:30 -0600 Subject: [PATCH] Update docs --- README-zh.md | 7 +++++++ README.md | 7 +++++++ docs/ikev2-howto-zh.md | 14 +++++++++----- docs/ikev2-howto.md | 14 +++++++++----- 4 files changed, 32 insertions(+), 10 deletions(-) diff --git a/README-zh.md b/README-zh.md index fe3dc5c..61d1e94 100644 --- a/README-zh.md +++ b/README-zh.md @@ -131,6 +131,13 @@ VPN_PASSWORD='你的VPN密码' \ sh vpn.sh ``` +
+ +高级用户可以自定义 IKEv2 选项。 + + +如果你想要自定义 [IKEv2 模式](docs/ikev2-howto-zh.md) 的选项,首先选择上面的选项之一安装 VPN,但是将 `git.io/vpnstart` 替换为 `git.io/vpnsetup`。这样会安装 VPN 但是不配置 IKEv2。在完成后,运行 `sudo ikev2.sh` 配置 IKEv2。 +
如果无法通过 wget 下载,点这里查看解决方案。 diff --git a/README.md b/README.md index df314ac..495c203 100644 --- a/README.md +++ b/README.md @@ -131,6 +131,13 @@ VPN_PASSWORD='your_vpn_password' \ sh vpn.sh ``` +
+ +Advanced users can customize IKEv2 options. + + +If you want to customize options for [IKEv2 mode](docs/ikev2-howto.md), first install the VPN using one of the options above, but replace `git.io/vpnstart` with `git.io/vpnsetup`. This will install the VPN without IKEv2. After that, run `sudo ikev2.sh` to set up IKEv2. +
Click here if you are unable to download using wget. diff --git a/docs/ikev2-howto-zh.md b/docs/ikev2-howto-zh.md index 6ba7f89..c01fe81 100644 --- a/docs/ikev2-howto-zh.md +++ b/docs/ikev2-howto-zh.md @@ -418,7 +418,7 @@ sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.key 如果要列出已有的 IKEv2 客户端的名称,运行 [辅助脚本](#使用辅助脚本配置-ikev2) 并添加 `--listclients` 选项。使用参数 `-h` 显示使用信息。 -``` +```bash sudo ikev2.sh --listclients ``` @@ -426,7 +426,7 @@ sudo ikev2.sh --listclients 如果要为更多的 IKEv2 客户端生成证书,只需重新运行 [辅助脚本](#使用辅助脚本配置-ikev2)。要自定义客户端证书选项,可以在不添加参数的情况下运行脚本。 -``` +```bash sudo ikev2.sh --addclient [client name] ``` @@ -436,7 +436,7 @@ sudo ikev2.sh --addclient [client name] 在默认情况下,IKEv2 [辅助脚本](#使用辅助脚本配置-ikev2) 在运行后会导出客户端配置。如果之后你想要为一个已有的客户端导出配置,可以运行: -``` +```bash sudo ikev2.sh --exportclient [client name] ``` @@ -484,7 +484,7 @@ sudo ikev2.sh --exportclient [client name] 在某些情况下,你可能需要吊销一个之前生成的 VPN 客户端证书。要吊销证书,重新运行辅助脚本并选择适当的选项。或者你也可以运行: -``` +```bash sudo ikev2.sh --revokeclient [client name] ``` @@ -881,7 +881,11 @@ chmod +x /opt/src/ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null ## 移除 IKEv2 -如果你想要从 VPN 服务器移除 IKEv2,但是保留 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式(如果已安装),请重新运行 [辅助脚本](#使用辅助脚本配置-ikev2) 并选择 "Remove IKEv2" 选项。**警告:** 这将**永久删除**所有的 IKEv2 配置(包括证书和密钥),并且**不可撤销**! +如果你想要从 VPN 服务器移除 IKEv2,但是保留 [IPsec/L2TP](clients-zh.md) 和 [IPsec/XAuth ("Cisco IPsec")](clients-xauth-zh.md) 模式(如果已安装),请重新运行 [辅助脚本](#使用辅助脚本配置-ikev2) 并选择适当的选项。**警告:** 这将**永久删除**所有的 IKEv2 配置(包括证书和密钥),并且**不可撤销**! + +```bash +sudo ikev2.sh --removeikev2 +```
diff --git a/docs/ikev2-howto.md b/docs/ikev2-howto.md index 1e9a87f..83249ad 100644 --- a/docs/ikev2-howto.md +++ b/docs/ikev2-howto.md @@ -420,7 +420,7 @@ If you get an error when trying to connect, see [Troubleshooting](#troubleshooti If you want to list the names of existing IKEv2 clients, run the [helper script](#set-up-ikev2-using-helper-script) with the `--listclients` option. Use option `-h` to show usage information. -``` +```bash sudo ikev2.sh --listclients ``` @@ -428,7 +428,7 @@ sudo ikev2.sh --listclients To generate certificates for additional IKEv2 clients, just run the [helper script](#set-up-ikev2-using-helper-script) again. To customize client certificate options, run the script without arguments. -``` +```bash sudo ikev2.sh --addclient [client name] ``` @@ -438,7 +438,7 @@ Alternatively, you may manually add a client certificate. Refer to step 4 in [th By default, the IKEv2 [helper script](#set-up-ikev2-using-helper-script) exports client configuration after running. If later you want to export configuration for an existing client, you may use: -``` +```bash sudo ikev2.sh --exportclient [client name] ``` @@ -486,7 +486,7 @@ To delete a client certificate: In certain circumstances, you may need to revoke a previously generated VPN client certificate. To revoke a certificate, run the helper script again and select the appropriate option. Or you may run: -``` +```bash sudo ikev2.sh --revokeclient [client name] ``` @@ -883,7 +883,11 @@ Before continuing, you **must** restart the IPsec service. The IKEv2 setup on th ## Remove IKEv2 -If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes (if installed), run the [helper script](#set-up-ikev2-using-helper-script) again and select the "Remove IKEv2" option. **Warning:** All IKEv2 configuration including certificates and keys will be **permanently deleted**. This **cannot be undone**! +If you want to remove IKEv2 from the VPN server, but keep the [IPsec/L2TP](clients.md) and [IPsec/XAuth ("Cisco IPsec")](clients-xauth.md) modes (if installed), run the [helper script](#set-up-ikev2-using-helper-script) again and select the appropriate option. **Warning:** All IKEv2 configuration including certificates and keys will be **permanently deleted**. This **cannot be undone**! + +```bash +sudo ikev2.sh --removeikev2 +```