Compare commits
No commits in common. "2d4cf2cb8f35a18452b967f4b4c7d461b0cc4d24" and "56078b0a1ef7ed8f5a2606b5777540f26f96e2a9" have entirely different histories.
2d4cf2cb8f
...
56078b0a1e
44
README-zh.md
44
README-zh.md
@ -130,33 +130,7 @@ sh vpn.sh
|
|||||||
|
|
||||||
<details>
|
<details>
|
||||||
<summary>
|
<summary>
|
||||||
如果无法下载,请点这里。
|
可选:在安装 VPN 时自定义 IKEv2 选项。
|
||||||
</summary>
|
|
||||||
|
|
||||||
你也可以使用 `curl` 下载。例如:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
curl -fL https://get.vpnsetup.net -o vpn.sh
|
|
||||||
sudo sh vpn.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
或者,你也可以使用这些链接:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
|
|
||||||
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
如果无法下载,打开 [vpnsetup.sh](vpnsetup.sh),然后点击右边的 `Raw` 按钮。按快捷键 `Ctrl/Cmd+A` 全选,`Ctrl/Cmd+C` 复制,然后粘贴到你喜欢的编辑器。
|
|
||||||
</details>
|
|
||||||
|
|
||||||
#### 可选:在安装 VPN 时自定义 IKEv2 选项。
|
|
||||||
|
|
||||||
在安装 VPN 时,你可以自定义 IKEv2 选项。这是可选的。
|
|
||||||
|
|
||||||
<details>
|
|
||||||
<summary>
|
|
||||||
选项 1: 使用环境变量自定义 IKEv2 选项。
|
|
||||||
</summary>
|
</summary>
|
||||||
|
|
||||||
在安装 VPN 时,你可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下:
|
在安装 VPN 时,你可以指定一个域名作为 IKEv2 服务器地址。这是可选的。该域名必须是一个全称域名(FQDN)。示例如下:
|
||||||
@ -185,24 +159,24 @@ sudo VPN_PROTECT_CONFIG=yes sh vpn.sh
|
|||||||
</details>
|
</details>
|
||||||
<details>
|
<details>
|
||||||
<summary>
|
<summary>
|
||||||
选项 2: 在安装 VPN 时跳过 IKEv2,然后使用自定义选项配置 IKEv2。
|
如果无法下载,请点这里。
|
||||||
</summary>
|
</summary>
|
||||||
|
|
||||||
在安装 VPN 时,你可以跳过 IKEv2,仅安装 IPsec/L2TP 和 IPsec/XAuth ("Cisco IPsec") 模式:
|
你也可以使用 `curl` 下载。例如:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo VPN_SKIP_IKEV2=yes sh vpn.sh
|
curl -fL https://get.vpnsetup.net -o vpn.sh
|
||||||
|
sudo sh vpn.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
(可选)如需指定另外的 DNS 服务器,请参见上面的选项 1。
|
或者,你也可以使用这些链接:
|
||||||
|
|
||||||
然后运行 IKEv2 [辅助脚本](docs/ikev2-howto-zh.md#使用辅助脚本配置-ikev2) 使用自定义选项以交互方式配置 IKEv2:
|
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh
|
https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
|
||||||
|
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
**注:** 如果服务器上已经配置了 IKEv2,则 `VPN_SKIP_IKEV2` 变量无效。在这种情况下,如需自定义 IKEv2 选项,你可以首先 [移除 IKEv2](docs/ikev2-howto-zh.md#移除-ikev2),然后运行 `sudo ikev2.sh` 重新配置。
|
如果无法下载,打开 [vpnsetup.sh](vpnsetup.sh),然后点击右边的 `Raw` 按钮。按快捷键 `Ctrl/Cmd+A` 全选,`Ctrl/Cmd+C` 复制,然后粘贴到你喜欢的编辑器。
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
## 下一步
|
## 下一步
|
||||||
|
44
README.md
44
README.md
@ -130,33 +130,7 @@ After setup, you may optionally install [WireGuard](https://github.com/hwdsl2/wi
|
|||||||
|
|
||||||
<details>
|
<details>
|
||||||
<summary>
|
<summary>
|
||||||
Click here if you are unable to download.
|
Optional: Customize IKEv2 options during VPN setup.
|
||||||
</summary>
|
|
||||||
|
|
||||||
You may also use `curl` to download. For example:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
curl -fL https://get.vpnsetup.net -o vpn.sh
|
|
||||||
sudo sh vpn.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
Alternative setup URLs:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
|
|
||||||
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
|
|
||||||
```
|
|
||||||
|
|
||||||
If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `Raw` button on the right. Press `Ctrl/Cmd+A` to select all, `Ctrl/Cmd+C` to copy, then paste into your favorite editor.
|
|
||||||
</details>
|
|
||||||
|
|
||||||
#### Optional: Customize IKEv2 options during VPN setup.
|
|
||||||
|
|
||||||
When installing the VPN, you can optionally customize IKEv2 options.
|
|
||||||
|
|
||||||
<details>
|
|
||||||
<summary>
|
|
||||||
Option 1: Customize IKEv2 options using environment variables.
|
|
||||||
</summary>
|
</summary>
|
||||||
|
|
||||||
When installing the VPN, you can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example:
|
When installing the VPN, you can optionally specify a DNS name for the IKEv2 server address. The DNS name must be a fully qualified domain name (FQDN). Example:
|
||||||
@ -185,24 +159,24 @@ sudo VPN_PROTECT_CONFIG=yes sh vpn.sh
|
|||||||
</details>
|
</details>
|
||||||
<details>
|
<details>
|
||||||
<summary>
|
<summary>
|
||||||
Option 2: Skip IKEv2 during VPN setup, then set up IKEv2 using custom options.
|
Click here if you are unable to download.
|
||||||
</summary>
|
</summary>
|
||||||
|
|
||||||
When installing the VPN, you can skip IKEv2 and only install the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes:
|
You may also use `curl` to download. For example:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo VPN_SKIP_IKEV2=yes sh vpn.sh
|
curl -fL https://get.vpnsetup.net -o vpn.sh
|
||||||
|
sudo sh vpn.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
(Optional) If you want to specify custom DNS server(s), refer to option 1 above.
|
Alternative setup URLs:
|
||||||
|
|
||||||
After that, run the IKEv2 [helper script](docs/ikev2-howto.md#set-up-ikev2-using-helper-script) to set up IKEv2 interactively using custom options:
|
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo ikev2.sh
|
https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh
|
||||||
|
https://gitlab.com/hwdsl2/setup-ipsec-vpn/-/raw/master/vpnsetup.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note:** The `VPN_SKIP_IKEV2` variable has no effect if IKEv2 is already set up on the server. In that case, to customize IKEv2 options, you can first [remove IKEv2](docs/ikev2-howto.md#remove-ikev2), then set it up again using `sudo ikev2.sh`.
|
If you are unable to download, open [vpnsetup.sh](vpnsetup.sh), then click the `Raw` button on the right. Press `Ctrl/Cmd+A` to select all, `Ctrl/Cmd+C` to copy, then paste into your favorite editor.
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
## Next steps
|
## Next steps
|
||||||
|
@ -188,7 +188,7 @@ check_dns() {
|
|||||||
|
|
||||||
check_server_dns() {
|
check_server_dns() {
|
||||||
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -266,8 +266,7 @@ run_setup() {
|
|||||||
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \
|
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \
|
||||||
|| wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \
|
|| wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \
|
||||||
|| curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
|| curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
||||||
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" \
|
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
|
||||||
VPN_PASSWORD="$VPN_PASSWORD" \
|
|
||||||
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
||||||
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
||||||
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
|
@ -188,7 +188,7 @@ check_dns() {
|
|||||||
|
|
||||||
check_server_dns() {
|
check_server_dns() {
|
||||||
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -266,8 +266,7 @@ run_setup() {
|
|||||||
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \
|
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url1" \
|
||||||
|| wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \
|
|| wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url2" \
|
||||||
|| curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
|| curl -fsL "$setup_url1" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
||||||
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" \
|
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
|
||||||
VPN_PASSWORD="$VPN_PASSWORD" \
|
|
||||||
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
||||||
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
||||||
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
|
@ -130,7 +130,7 @@ check_dns() {
|
|||||||
|
|
||||||
check_server_dns() {
|
check_server_dns() {
|
||||||
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -112,7 +112,7 @@ check_dns() {
|
|||||||
|
|
||||||
check_server_dns() {
|
check_server_dns() {
|
||||||
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -158,7 +158,7 @@ check_dns() {
|
|||||||
|
|
||||||
check_server_dns() {
|
check_server_dns() {
|
||||||
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -149,7 +149,7 @@ check_dns() {
|
|||||||
|
|
||||||
check_server_dns() {
|
check_server_dns() {
|
||||||
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user