mirror of
https://github.com/hwdsl2/docker-ipsec-vpn-server.git
synced 2026-04-26 01:55:53 +03:00
[GH-ISSUE #13] Internal subnet IP to other container #10
Originally created by @ThePutzy on GitHub (Oct 14, 2016).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/13
Hi, sorry for this (stupid) question, but I've been searching for a solution for two days.
I have three containers: your IPSec container (vpn1), an OpenVPN container (vpn2) and one proxy (squid) container.
Now I want to send the traffic from the VPN through the proxy.
But I need the internal VPN IP of the client in the proxy.
With OpenVPN it's OK, I've solved it.
But with IPSec it's not so easy.
So I need the 192.168.43.0/24 IP in the proxy (forwarded-for).
OpenVPN is started with (--network=host).
The proxy is on the default bridge, and IPSec too.
Do you have any idea to solve it? 😃
vpn1 --- \
          | --- squid --- www
vpn2 --- /
P.S.: Thanks for your work, the IPSec setup and IPSec image are very useful.
@hwdsl2 commented on GitHub (Oct 15, 2016):
@ThePutzy You may also run the VPN container with the --network=host switch. When connecting via IPsec/L2TP, the VPN clients are assigned IPs starting from 192.168.42.10 up to 192.168.42.250. When connecting via IPsec/XAuth, the VPN clients are assigned IPs starting from 192.168.43.10 up to 192.168.43.250.
Does this answer your question? If not, please give more details on what you are trying to achieve.
@ThePutzy commented on GitHub (Oct 17, 2016):
I want to set up a bridged network (10.0.0.0/8).
E.g. like this:
OpenVPN Server (10.255.0.1)
IPSec Server (10.255.0.2)
The proxies are only reachable over VPN (we have more proxies, one for each unit at our company):
Squid01 (10.10.0.1 || unit1@company.com)
Squid02 (10.10.1.1 || unit2@company.com)
Squid03 (10.10.2.1 || unit3@company.com)
One reverse proxy (10.0.0.2) to send traffic to the Apaches in SquidContainer (set up the Squids with web interface).
Now I want to send the traffic of 10.10.0.0/24 to Squid01, traffic of 10.10.1.0/24 to Squid02 ....
But I want to send the traffic to the proxy with the internal IP of the client, like 192.168.43.11.
At the moment I have only the IPSec container IP (10.255.0.2) at the proxy.
If I start the container like this:
docker run -d --cap-add=NET_ADMIN --network host --name vpn02 --env-file ipsec.env --restart=always -p 500:500/udp -p 4500:4500/udp -v /lib/modules:/lib/modules:ro hwdsl2/ipsec-vpn-server
I can't connect with my device to the container.
@ThePutzy commented on GitHub (Oct 17, 2016):
Now I can connect from my device to the VPN if it's started with "--network host".
But I can't ping from the host to 192.168.43.11 (device IP).
@hwdsl2 commented on GitHub (Oct 18, 2016):
@ThePutzy Thanks for the details. Sorry I am still having a hard time understanding your setup. Maybe you can try starting the container with the --privileged flag instead of --cap-add=NET_ADMIN, as suggested in the project README. Honestly I am not sure if it is possible to ping from the Docker host to devices on the VPN, even if the container was started with --network host.
I am closing this issue as it is not a problem with this repository, but a question for your particular use case. Unfortunately I don't have the required knowledge to help you further on this. I would suggest that you instead seek help from the Docker community. Good luck!
@ThePutzy commented on GitHub (Oct 18, 2016):
No Problem, thanks for your time :-)
@kennyparsons commented on GitHub (Apr 19, 2019):
@ThePutzy I am a few steps behind you. How do you configure the vpn server to use the squid proxy?