[GH-ISSUE #117] modprobe: ERROR: ../libkmod/libkmod.c:586 #104

New issue

Closed

opened 2026-03-02 07:27:43 +03:00 by kerem · 1 comment

kerem commented 2026-03-02 07:27:43 +03:00

Owner

Copy link

Originally created by @mario26 on GitHub (Jan 24, 2019).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/117

Hello !

I just installed your Docker to use it with my Huawei 4G router.

Thank you for providing this Docker that will be very useful if i can make it work!

To begin, here is my docker-compose.yml file:

     l2tpvpn: 
        image: hwdsl2/ipsec-vpn-server
        #restart: ${RESTART_MODE}
        container_name: l2tpvpn
        volumes:
                - ${VOLUMES_ROOT_PATH}/data/l2tpvpn:/lib/modules:ro
        ports:
                - "500:500/udp"
                - "4500:4500/udp"
        hostname: vpn.exemple.org         
        env_file:
                - ${VOLUMES_ROOT_PATH}/vpn.env
        privileged: true

Here is my vpn.env file:

# Define your own values for these variables
# - DO NOT put "" or '' around values, or add space around =
# - DO NOT use these special characters within values: \ " '
VPN_IPSEC_PSK=passwordkeyipsec
VPN_USER=huawei
VPN_PASSWORD=password1

# (Optional) Define additional VPN users
# - Uncomment and replace with your own values
# - Usernames and passwords must be separated by spaces
# VPN_ADDL_USERS=additional_username_1 additional_username_2
# VPN_ADDL_PASSWORDS=additional_password_1 additional_password_2

# (Optional) Use alternative DNS servers
# - By default, clients are set to use Google Public DNS
# - Example below shows using Cloudflare's DNS service
VPN_DNS_SRV1=1.1.1.1
VPN_DNS_SRV2=1.0.0.1

Here is the docker-compose return when running:

l2tpvpn         | ================================================
l2tpvpn         | 
l2tpvpn         | IPsec VPN server is now ready for use!
l2tpvpn         | 
l2tpvpn         | Connect to your new VPN with these details:
l2tpvpn         | 
l2tpvpn         | Server IP: x.xxx.xx.xxx
l2tpvpn         | IPsec PSK:passwordkeyipsec
l2tpvpn         | Username: huawei
l2tpvpn         | Password: password1
l2tpvpn         | 
l2tpvpn         | Write these down. You'll need them to connect!
l2tpvpn         | 
l2tpvpn         | Important notes:   https://git.io/vpnnotes2
l2tpvpn         | Setup VPN clients: https://git.io/vpnclients
l2tpvpn         | 
l2tpvpn         | ================================================

As you can see i have an error that I do not understand:

l2tpvpn         | modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.15.0-43-generic/modules.dep.bin'
l2tpvpn         | modprobe: FATAL: Module af_key not found in directory /lib/modules/4.15.0-43-generic
l2tpvpn         | FAILURE in loading NETKEY/XFRM stack
l2tpvpn         | Redirecting to: /etc/init.d/ipsec start
l2tpvpn         | FAILURE in loading NETKEY/XFRM stack
l2tpvpn         | Starting pluto IKE daemon for IPsec: .....
l2tpvpn         | xl2tpd[1]: Not looking for kernel SAref support.
l2tpvpn         | xl2tpd[1]: Using l2tp kernel support.
l2tpvpn         | xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on vpn.devosi.org PID:1
l2tpvpn         | xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
l2tpvpn         | xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
l2tpvpn         | xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
l2tpvpn         | xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
l2tpvpn         | xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
l2tpvpn         | xl2tpd[1]: death_handler: Fatal signal 15 received
l2tpvpn         | 
l2tpvpn         | Trying to auto discover IP of this server...

I configured my router like this:

Here is the firewall configuration:

500/udp                    ALLOW       Anywhere                   # public access l2tpvpn
4500/udp                   ALLOW       Anywhere                   # public access l2tpvpn
500/udp (v6)               ALLOW       Anywhere (v6)              # public access l2tpvpn
4500/udp (v6)              ALLOW       Anywhere (v6)              # public access l2tpvpn

It does not work...

Can you help me make your VPN work with Docker?

Thank you

Originally created by @mario26 on GitHub (Jan 24, 2019). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/117 Hello ! I just installed your Docker to use it with my Huawei 4G router. Thank you for providing this Docker that will be very useful if i can make it work! To begin, here is my docker-compose.yml file: ``` l2tpvpn: image: hwdsl2/ipsec-vpn-server #restart: ${RESTART_MODE} container_name: l2tpvpn volumes: - ${VOLUMES_ROOT_PATH}/data/l2tpvpn:/lib/modules:ro ports: - "500:500/udp" - "4500:4500/udp" hostname: vpn.exemple.org env_file: - ${VOLUMES_ROOT_PATH}/vpn.env privileged: true ``` Here is my vpn.env file: ``` # Define your own values for these variables # - DO NOT put "" or '' around values, or add space around = # - DO NOT use these special characters within values: \ " ' VPN_IPSEC_PSK=passwordkeyipsec VPN_USER=huawei VPN_PASSWORD=password1 # (Optional) Define additional VPN users # - Uncomment and replace with your own values # - Usernames and passwords must be separated by spaces # VPN_ADDL_USERS=additional_username_1 additional_username_2 # VPN_ADDL_PASSWORDS=additional_password_1 additional_password_2 # (Optional) Use alternative DNS servers # - By default, clients are set to use Google Public DNS # - Example below shows using Cloudflare's DNS service VPN_DNS_SRV1=1.1.1.1 VPN_DNS_SRV2=1.0.0.1 ``` Here is the docker-compose return when running: ``` l2tpvpn | ================================================ l2tpvpn | l2tpvpn | IPsec VPN server is now ready for use! l2tpvpn | l2tpvpn | Connect to your new VPN with these details: l2tpvpn | l2tpvpn | Server IP: x.xxx.xx.xxx l2tpvpn | IPsec PSK:passwordkeyipsec l2tpvpn | Username: huawei l2tpvpn | Password: password1 l2tpvpn | l2tpvpn | Write these down. You'll need them to connect! l2tpvpn | l2tpvpn | Important notes: https://git.io/vpnnotes2 l2tpvpn | Setup VPN clients: https://git.io/vpnclients l2tpvpn | l2tpvpn | ================================================ ``` As you can see i have an error that I do not understand: ``` l2tpvpn | modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.15.0-43-generic/modules.dep.bin' l2tpvpn | modprobe: FATAL: Module af_key not found in directory /lib/modules/4.15.0-43-generic l2tpvpn | FAILURE in loading NETKEY/XFRM stack l2tpvpn | Redirecting to: /etc/init.d/ipsec start l2tpvpn | FAILURE in loading NETKEY/XFRM stack l2tpvpn | Starting pluto IKE daemon for IPsec: ..... l2tpvpn | xl2tpd[1]: Not looking for kernel SAref support. l2tpvpn | xl2tpd[1]: Using l2tp kernel support. l2tpvpn | xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on vpn.devosi.org PID:1 l2tpvpn | xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. l2tpvpn | xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 l2tpvpn | xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 l2tpvpn | xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016 l2tpvpn | xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 l2tpvpn | xl2tpd[1]: death_handler: Fatal signal 15 received l2tpvpn | l2tpvpn | Trying to auto discover IP of this server... ``` I configured my router like this:  Here is the firewall configuration: ``` 500/udp ALLOW Anywhere # public access l2tpvpn 4500/udp ALLOW Anywhere # public access l2tpvpn 500/udp (v6) ALLOW Anywhere (v6) # public access l2tpvpn 4500/udp (v6) ALLOW Anywhere (v6) # public access l2tpvpn ``` It does not work... Can you help me make your VPN work with Docker? Thank you

kerem closed this issue 2026-03-02 07:27:43 +03:00

kerem commented 2026-03-02 07:27:44 +03:00

Author

Owner

Copy link

@hwdsl2 commented on GitHub (Jan 24, 2019):

@mario26 Hello! Before starting the Docker container, it is required to first load the IPsec af_key kernel module on your Docker host. See [1].

On Ubuntu/Debian, the Docker container will try to load it from within the container, but your kernel modules must be bind mounted via /lib/modules.

Change this line in your Docker compose file: - ${VOLUMES_ROOT_PATH}/data/l2tpvpn:/lib/modules:ro to the following: - /lib/modules:/lib/modules:ro. The former is wrong.

[1] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README.md#start-the-ipsec-vpn-server

<!-- gh-comment-id:457185624 --> @hwdsl2 commented on GitHub (Jan 24, 2019): @mario26 Hello! Before starting the Docker container, it is required to first load the IPsec `af_key` kernel module on your Docker host. See [1]. On Ubuntu/Debian, the Docker container will try to load it from within the container, but your kernel modules must be bind mounted via `/lib/modules`. Change this line in your Docker compose file: `- ${VOLUMES_ROOT_PATH}/data/l2tpvpn:/lib/modules:ro` to the following: `- /lib/modules:/lib/modules:ro`. The former is wrong. [1] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README.md#start-the-ipsec-vpn-server

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

No results found.

Labels

Clear labels   

bug

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

No labels

bug

pull-request

question

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/docker-ipsec-vpn-server#104

No description provided.