diff --git a/README-zh.md b/README-zh.md
index affbb89..ee2bb8e 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -25,8 +25,8 @@
## 功能特性
-- **NEW:** 新增支持更高效的 `IPsec/XAuth ("Cisco IPsec")` 模式
-- **NEW:** 现在可以下载 VPN 服务器的预构建 Docker 映像
+- :new: 新增支持更高效的 `IPsec/XAuth ("Cisco IPsec")` 模式
+- :new: 现在可以下载 VPN 服务器的预构建 Docker 镜像
- 全自动的 IPsec VPN 服务器配置,无需用户输入
- 封装所有的 VPN 流量在 UDP 协议,不需要 ESP 协议支持
- 可直接作为 Amazon EC2 实例创建时的用户数据使用
@@ -56,18 +56,18 @@
首先,更新你的系统: 运行 `apt-get update && apt-get dist-upgrade` 并重启。这一步是可选的,但推荐。
-**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (会在屏幕上显示):
+**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (完成后会在屏幕上显示):
```bash
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
```
-**选项 2:** 输入你自己的 VPN 登录凭证,或者将它们定义为环境变量:
+**选项 2:** 编辑脚本并提供你自己的 VPN 登录凭证:
```bash
wget https://git.io/vpnsetup -O vpnsetup.sh
-nano -w vpnsetup.sh
-[修改为你自己的值: VPN_IPSEC_PSK, VPN_USER 和 VPN_PASSWORD]
+nano -w vpnsetup.sh # 或者使用你喜欢的编辑器
+[替换为你自己的值: YOUR_IPSEC_PSK, YOUR_USERNAME 和 YOUR_PASSWORD]
sudo sh vpnsetup.sh
```
@@ -75,22 +75,9 @@ sudo sh vpnsetup.sh
首先,更新你的系统: 运行 `yum update` 并重启。这一步是可选的,但推荐。
-**选项 1:** 使用脚本随机生成的 VPN 登录凭证 (会在屏幕上显示):
+然后按照与上面相同的步骤,但是将 `https://git.io/vpnsetup` 换成 `https://git.io/vpnsetup-centos`。
-```bash
-wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh && sudo sh vpnsetup_centos.sh
-```
-
-**选项 2:** 输入你自己的 VPN 登录凭证,或者将它们定义为环境变量:
-
-```bash
-wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh
-nano -w vpnsetup_centos.sh
-[修改为你自己的值: VPN_IPSEC_PSK, VPN_USER 和 VPN_PASSWORD]
-sudo sh vpnsetup_centos.sh
-```
-
-如果无法通过 `wget` 下载,你也可以打开 vpnsetup.sh (或者 vpnsetup_centos.sh),然后点击右方的 **`Raw`** 按钮。按快捷键 `Ctrl-A` 全选, `Ctrl-C` 复制,然后粘贴到你喜欢的编辑器。
+注: 如果无法通过 `wget` 下载,你也可以打开 vpnsetup.sh (或者 vpnsetup_centos.sh),然后点击右方的 **`Raw`** 按钮。按快捷键 `Ctrl-A` 全选, `Ctrl-C` 复制,然后粘贴到你喜欢的编辑器。
## 下一步
@@ -103,11 +90,11 @@ sudo sh vpnsetup_centos.sh
## 重要提示
-**Windows 用户** 在首次连接之前需要修改一次注册表,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外请打开 VPN 连接属性的"安全"选项卡,并确保仅选中 "CHAP" 选项。
+**Windows 用户** 在首次连接之前需要修改一次注册表,以解决 VPN 服务器和客户端与 NAT (比如家用路由器)的兼容问题。另外如果遇到 `错误 628`,请打开 VPN 连接属性的 "安全" 选项卡,并确保仅选中 "CHAP" 选项。
**Android 6 (Marshmallow) 用户** 请参考此文档中的注释: 配置 IPsec/L2TP VPN 客户端。
-如果你需要添加,编辑或者删除 VPN 用户账户,请参见 管理 VPN 用户。
+如果需要添加,编辑或者删除 VPN 用户账户,请参见 管理 VPN 用户。
在 VPN 已连接时,客户端配置为使用 Google Public DNS。如果要使用另外的 DNS 服务商,可以编辑文件 `options.xl2tpd` 和 `ipsec.conf` 并用新的服务器替换 `8.8.8.8` 和 `8.8.4.4`。然后重新启动系统。
@@ -121,9 +108,9 @@ sudo sh vpnsetup_centos.sh
## 问题和反馈
-- 有问题需要提问?请先搜索其他用户的留言,在这个 GitHub Gist 以及我的博客文章。
+- 有问题需要提问?请先搜索已有的留言,在这个 Gist 以及我的博客。
- Libreswan (IPsec) 的相关问题可在邮件列表提问。也可以参见这些文章:[1] [2] [3] [4] [5]。
-- 如果你发现了一个可重复的程序漏洞,请提交一个 GitHub Issue。
+- 如果你发现了一个可重复的程序漏洞,请提交一个 GitHub Issue。
## 另见
diff --git a/README.md b/README.md
index a078aac..0d0bf16 100644
--- a/README.md
+++ b/README.md
@@ -25,8 +25,8 @@ We will use Libreswan as th
## Features
-- **NEW:** The faster `IPsec/XAuth ("Cisco IPsec")` mode is now supported
-- **NEW:** A pre-built Docker image of the VPN server is now available
+- :new: The faster `IPsec/XAuth ("Cisco IPsec")` mode is now supported
+- :new: A pre-built Docker image of the VPN server is now available
- Fully automated IPsec VPN server setup, no user input needed
- Encapsulates all VPN traffic in UDP - does not need ESP protocol
- Can be directly used as "user-data" for a new Amazon EC2 instance
@@ -44,7 +44,7 @@ A newly created Amazon EC2
**-OR-**
-A dedicated server or KVM/Xen-based Virtual Private Server (VPS), freshly installed with one of the above OS. In addition, Debian 7 (Wheezy) can also be used after applying this workaround. OpenVZ VPS users should instead try OpenVPN.
+A dedicated server or KVM/Xen-based Virtual Private Server (VPS), freshly installed with one of the above OS. In addition, Debian 7 (Wheezy) can also be used with this workaround. OpenVZ VPS users should instead try OpenVPN.
**» I want to run my own VPN but don't have a server for that**
@@ -56,18 +56,18 @@ A dedicated server or KVM/Xen-based Virtual Private Server (VPS), freshly instal
First, update your system with `apt-get update && apt-get dist-upgrade` and reboot. This is optional, but recommended.
-**Option 1:** Have the script generate random VPN credentials for you (will be displayed on the screen):
+**Option 1:** Have the script generate random VPN credentials for you (will be displayed when finished):
```bash
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
```
-**Option 2:** Enter your own VPN credentials, or define them as environment variables:
+**Option 2:** Edit the script and provide your own VPN credentials:
```bash
wget https://git.io/vpnsetup -O vpnsetup.sh
-nano -w vpnsetup.sh
-[Replace with your own values: VPN_IPSEC_PSK, VPN_USER and VPN_PASSWORD]
+nano -w vpnsetup.sh # or use your favorite editor
+[Replace with your own values: YOUR_IPSEC_PSK, YOUR_USERNAME and YOUR_PASSWORD]
sudo sh vpnsetup.sh
```
@@ -75,22 +75,9 @@ sudo sh vpnsetup.sh
First, update your system with `yum update` and reboot. This is optional, but recommended.
-**Option 1:** Have the script generate random VPN credentials for you (will be displayed on the screen):
+Then follow the same steps as above, but replace `https://git.io/vpnsetup` with `https://git.io/vpnsetup-centos`.
-```bash
-wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh && sudo sh vpnsetup_centos.sh
-```
-
-**Option 2:** Enter your own VPN credentials, or define them as environment variables:
-
-```bash
-wget https://git.io/vpnsetup-centos -O vpnsetup_centos.sh
-nano -w vpnsetup_centos.sh
-[Replace with your own values: VPN_IPSEC_PSK, VPN_USER and VPN_PASSWORD]
-sudo sh vpnsetup_centos.sh
-```
-
-If unable to download via `wget`, you may alternatively open vpnsetup.sh (or vpnsetup_centos.sh) and click the **`Raw`** button. Press `Ctrl-A` to select all, `Ctrl-C` to copy, then paste into your favorite editor.
+Note: If unable to download via `wget`, you may also open vpnsetup.sh (or vpnsetup_centos.sh) and click the **`Raw`** button. Press `Ctrl-A` to select all, `Ctrl-C` to copy, then paste into your favorite editor.
## Next Steps
@@ -103,7 +90,7 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
## Important Notes
-For **Windows users**, a one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). In addition, open the "Security" tab of VPN connection properties and make sure only "CHAP" is selected.
+For **Windows users**, a one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router). Also, if you see `Error 628`, open the "Security" tab of VPN connection properties and make sure only "CHAP" is selected.
**Android 6 (Marshmallow) users**: Please see notes in Configure IPsec/L2TP VPN Clients.
@@ -121,9 +108,9 @@ The additional scripts
## Bugs & Questions
-- Got a question? Please first search other people's comments in this GitHub Gist and on my blog.
+- Got a question? Please first search other people's comments in this Gist and on my blog.
- Ask Libreswan (IPsec) related questions on the mailing list, or read these articles: [1] [2] [3] [4] [5].
-- If you found a reproducible bug, open a GitHub Issue to submit a bug report.
+- If you found a reproducible bug, open a GitHub Issue to submit a bug report.
## See Also