README-zh.md

@@ -186,10 +186,6 @@ https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
 
 *其他语言版本: [English](README.md#next-steps), [中文](README-zh.md#下一步)。*
 
-> 如果你喜欢这个项目，可以表达你的支持或感谢。
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="docs/images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="docs/images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
-
 配置你的计算机或其它设备使用 VPN。请参见：
 
 **[配置 IKEv2 VPN 客户端（推荐）](docs/ikev2-howto-zh.md)**
@@ -200,6 +196,10 @@ https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
 
 开始使用自己的专属 VPN! :sparkles::tada::rocket::sparkles:
 
+如果你喜欢这个项目，可以表达你的支持或感谢。
+
+<a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" src="docs/images/kofi1.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="docs/images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
+
 ## 重要提示
 
 **Windows 用户** 对于 IPsec/L2TP 模式，在首次连接之前需要 [修改注册表](docs/clients-zh.md#windows-错误-809)，以解决 VPN 服务器或客户端与 NAT（比如家用路由器）的兼容问题。

README.md

@@ -186,10 +186,6 @@ If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `
 
 *Read this in other languages: [English](README.md#next-steps), [中文](README-zh.md#下一步).*
 
-> Like this project? You can show your support or appreciation.
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="docs/images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="docs/images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
-
 Get your computer or device to use the VPN. Please refer to:
 
 **[Configure IKEv2 VPN Clients (recommended)](docs/ikev2-howto.md)**
@@ -200,6 +196,10 @@ Get your computer or device to use the VPN. Please refer to:
 
 Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
 
+Like this project? You can show your support or appreciation.
+
+<a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" src="docs/images/kofi1.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="docs/images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
+
 ## Important notes
 
 **Windows users**: For IPsec/L2TP mode, a [one-time registry change](docs/clients.md#windows-error-809) is required if the VPN server or client is behind NAT (e.g. home router).

docs/clients-xauth-zh.md

@@ -16,9 +16,7 @@ IPsec/XAuth 模式也称为 "Cisco IPsec"。该模式通常能够比 IPsec/L2TP
   * [iOS (iPhone/iPad)](#ios)
   * [Linux](#linux)
 
-> 如果你喜欢这个项目，可以表达你的支持或感谢。
+如果你喜欢这个项目，可以[表达你的支持或感谢](https://coindrop.to/hwdsl2)。
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
 
 ## Windows
 

docs/clients-xauth.md

@@ -16,9 +16,7 @@ IPsec/XAuth mode is also called "Cisco IPsec". This mode is generally **faster t
   * [iOS (iPhone/iPad)](#ios)
   * [Linux](#linux)
 
-> Like this project? You can show your support or appreciation.
+Like this project? You can [show your support or appreciation](https://coindrop.to/hwdsl2).
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
 
 ## Windows
 

docs/clients-zh.md

@@ -16,9 +16,7 @@
   * [Linux](#linux)
 * [故障排除](#故障排除)
 
-> 如果你喜欢这个项目，可以表达你的支持或感谢。
+如果你喜欢这个项目，可以[表达你的支持或感谢](https://coindrop.to/hwdsl2)。
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
 
 ## Windows
 

docs/clients.md

@@ -16,9 +16,7 @@ After [setting up your own VPN server](https://github.com/hwdsl2/setup-ipsec-vpn
   * [Linux](#linux)
 * [Troubleshooting](#troubleshooting)
 
-> Like this project? You can show your support or appreciation.
+Like this project? You can [show your support or appreciation](https://coindrop.to/hwdsl2).
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
 
 ## Windows
 

docs/ikev2-howto-zh.md

@@ -35,9 +35,7 @@ Libreswan 支持通过使用 RSA 签名算法的 X.509 Machine Certificates 来
 * [Linux](#linux)
 * [Mikrotik RouterOS](#routeros)
 
-> 如果你喜欢这个项目，可以表达你的支持或感谢。
+如果你喜欢这个项目，可以[表达你的支持或感谢](https://coindrop.to/hwdsl2)。
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
 
 ### Windows 7, 8, 10 和 11
 
@@ -366,7 +364,7 @@ sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.key
 
 ### RouterOS
 
-**注：** 这些步骤由 [@Unix-User](https://github.com/Unix-User) 提供。建议通过 SSH 连接运行终端命令，例如通过 Putty。
+**注：** 这些步骤由 [@Unix-User](https://github.com/Unix-User) 提供。
 
 1. 将生成的 `.p12` 文件安全地传送到你的计算机。
 
@@ -388,29 +386,6 @@ sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.key
    ![routeros import certificate](images/routeros-import-cert.gif)
    </details>
 
-   或者，你也可以使用终端命令 (empty passphrase):
-
-   ```bash
-   [admin@MikroTik] > /certificate/import file-name=mikrotik.p12
-   passphrase:
-
-     certificates-imported: 2
-     private-keys-imported: 0
-            files-imported: 1
-       decryption-failures: 0
-     keys-with-no-certificate: 0
-
-   [admin@MikroTik] > /certificate/import file-name=mikrotik.p12
-   passphrase:
-
-        certificates-imported: 0
-        private-keys-imported: 1
-               files-imported: 1
-          decryption-failures: 0
-     keys-with-no-certificate: 0
-
-   ```
-
 3. 在 terminal 中运行以下命令。将以下内容替换为你自己的值。
 `YOUR_VPN_SERVER_IP_OR_DNS_NAME` 是你的 VPN 服务器 IP 或域名。
 `IMPORTED_CERTIFICATE` 是上面第 2 步中的证书名称，例如 `vpnclient.p12_0`
@@ -420,15 +395,23 @@ sudo chmod 600 ikev2vpnca.cer vpnclient.cer vpnclient.key
 来指定整个网络，或者使用 `192.168.0.10` 来指定仅用于一个设备，依此类推。
 
    ```bash
-   /ip firewall address-list add address=THESE_ADDRESSES_GO_THROUGH_VPN list=local
+   /ip firewall address-list
-   /ip ipsec mode-config add name=ike2-rw responder=no src-address-list=local
+   add address=THESE_ADDRESSES_GO_THROUGH_VPN list=local
-   /ip ipsec policy group add name=ike2-rw
+   /ip ipsec mode-config
-   /ip ipsec profile add name=ike2-rw
+   add name=ike2-rw responder=no src-address-list=local
-   /ip ipsec peer add address=YOUR_VPN_SERVER_IP_OR_DNS_NAME exchange-mode=ike2 name=ike2-rw-client profile=ike2-rw
+   /ip ipsec policy group
-   /ip ipsec proposal add name=ike2-rw pfs-group=none
+   add name=ike2-rw
-   /ip ipsec identity add auth-method=digital-signature certificate=IMPORTED_CERTIFICATE generate-policy=port-strict mode-config=ike2-rw \
+   /ip ipsec profile
+   add name=ike2-rw
+   /ip ipsec peer
+   add address=YOUR_VPN_SERVER_IP_OR_DNS_NAME exchange-mode=ike2 name=ike2-rw-client profile=ike2-rw
+   /ip ipsec proposal
+   add name=ike2-rw pfs-group=none
+   /ip ipsec identity
+   add auth-method=digital-signature certificate=IMPORTED_CERTIFICATE generate-policy=port-strict mode-config=ike2-rw \
        peer=ike2-rw-client policy-template-group=ike2-rw
-   /ip ipsec policy add group=ike2-rw proposal=ike2-rw template=yes
+   /ip ipsec policy
+   add group=ike2-rw proposal=ike2-rw template=yes
    ```
 4. 更多信息请参见 [#1112](https://github.com/hwdsl2/setup-ipsec-vpn/issues/1112#issuecomment-1059628623)。
 

docs/ikev2-howto.md

@@ -35,9 +35,7 @@ By default, IKEv2 is automatically set up when running the VPN setup script. If
 * [Linux](#linux)
 * [Mikrotik RouterOS](#routeros)
 
-> Like this project? You can show your support or appreciation.
+Like this project? You can [show your support or appreciation](https://coindrop.to/hwdsl2).
->
-> <a href="https://ko-fi.com/hwdsl2" target="_blank"><img height="36" width="187" src="images/kofi2.png" border="0" alt="Buy Me a Coffee at ko-fi.com" /></a> &nbsp;<a href="https://coindrop.to/hwdsl2" target="_blank"><img src="images/embed-button.png" height="36" width="145" border="0" alt="Coindrop.to me" /></a>
 
 ### Windows 7, 8, 10 and 11
 
@@ -368,7 +366,9 @@ If you get an error when trying to connect, see [Troubleshooting](#troubleshooti
 
 ### RouterOS
 
-**Note:** These steps were contributed by [@Unix-User](https://github.com/Unix-User). It is recommended to run terminal commands via an SSH connection, e.g. via Putty.
+**Note:** These steps were contributed by [@Unix-User](https://github.com/Unix-User).
+
+It is recommended to use terminal command via SSH connection, eg via Putty.
 
 1. Securely transfer the generated `.p12` file to your computer.
 
@@ -382,20 +382,11 @@ If you get an error when trying to connect, see [Troubleshooting](#troubleshooti
 
 2. In WinBox, go to System > certificates > import. Import the `.p12` certificate file twice (yes, import the same file two times!). Verify in your certificates panel. You will see 2 files, the one that is marked KT is the key.
 
-   <details>
-   <summary>
-   Click to see screencast.
-   </summary>
-
-   ![routeros import certificate](images/routeros-import-cert.gif)
-   </details>
-
    Or you can use terminal instead (empty passphrase):
-
    ```bash
    [admin@MikroTik] > /certificate/import file-name=mikrotik.p12
    passphrase:
-
+   
      certificates-imported: 2
      private-keys-imported: 0
             files-imported: 1
@@ -404,7 +395,7 @@ If you get an error when trying to connect, see [Troubleshooting](#troubleshooti
 
    [admin@MikroTik] > /certificate/import file-name=mikrotik.p12
    passphrase:
-
+   
         certificates-imported: 0
         private-keys-imported: 1
                files-imported: 1
@@ -412,6 +403,15 @@ If you get an error when trying to connect, see [Troubleshooting](#troubleshooti
      keys-with-no-certificate: 0
 
    ```
+   
+
+   <details>
+   <summary>
+   Click to see screencast.
+   </summary>
+
+   ![routeros import certificate](images/routeros-import-cert.gif)
+   </details>
 
 3. Run these commands in terminal. Replace the following with your own values.
 `YOUR_VPN_SERVER_IP_OR_DNS_NAME` is your VPN server IP or DNS name.