[GH-ISSUE #121] Set the subnet range #109

Closed
opened 2026-03-02 07:27:47 +03:00 by kerem · 5 comments

Originally created by @geiseri on GitHub (Jan 30, 2019).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/121

Right now I have a home network that is `10.10.1.0/24` and my office subnet is `10.0.5.0/24`. Right now if I connect to the VPN I can no longer communicate with the office systems because it is trying to route through my home network. Is there a way to tell the VPN to only allow `10.10.1.0/24` traffic to go over the VPN itself and leave the other routes untouched?

kerem closed this issue 2026-03-02 07:27:47 +03:00

@hwdsl2 commented on GitHub (Jan 30, 2019):

@geiseri Hello! If I understand it correctly, you have set up a VPN server within your home network. For your use case, please refer to [1] and read all comments. Clone this Git repo, edit `run.sh` and change `leftsubnet` value to `10.10.1.0/24`. You'll then need to build the Docker image yourself [2] with these customizations, and finally, re-create the container.

[1] https://github.com/hwdsl2/setup-ipsec-vpn/issues/514
[2] https://github.com/hwdsl2/docker-ipsec-vpn-server#build-from-source-code


@geiseri commented on GitHub (Jan 30, 2019):

This is what I did now. I just didn't want to run something special, since a) your docker is very well done, and b) I don't want to chase you :)

If I made a PR that made this a tunable with something `VPN_L2TP_NET`, `VPN_L2TP_LOCAL`, and `VPN_L2TP_POOL`, etc... would that be acceptable?


@hwdsl2 commented on GitHub (Jan 30, 2019):

@geiseri Thank you for offering to do a PR. However since this is not a common use case we'll probably look into this in the future (not now).


@geiseri commented on GitHub (Jan 30, 2019):

Okay, I will fork and make a branch. Are you okay with a PR sitting in your queue? Either way, other than this small issue, your docker is a slick solution for me, and I am grateful for your work!


@hwdsl2 commented on GitHub (Jan 30, 2019):

@geiseri Yes, I thought about it again and maybe something like `XAUTH_LEFTSUBNET=${VPN_XAUTH_LEFTSUBNET:-'0.0.0.0/0'}` (and also replace line 190 with `leftsubnet=$XAUTH_LEFTSUBNET`) would be good. Note that this would only apply to IPsec/XAuth connections (not IPsec/L2TP). I'll look at your PR when ready.
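
Added example, not part of the original thread or the project's `run.sh`: the override proposed in the last comment, with the value checked as a single IPv4 CIDR before it is interpolated into the generated IPsec configuration, so a malformed or multi-line environment value cannot alter the config. The function names `is_ipv4_cidr` and `xauth_leftsubnet` are hypothetical, and failing on invalid input instead of falling back to the default is an assumption.

```shell
#!/bin/sh
# Added example; is_ipv4_cidr and xauth_leftsubnet are hypothetical names.

# Return 0 only if $1 is exactly one IPv4 CIDR such as 10.10.1.0/24.
is_ipv4_cidr() {
  case "$1" in
    ''|*[!0-9./]*) return 1 ;;            # newlines, spaces, commas, letters
  esac
  addr=${1%/*}
  prefix=${1#*/}
  [ "$addr/$prefix" = "$1" ] || return 1  # exactly one "/"
  case "$addr" in
    .*|*.|*..*) return 1 ;;               # no empty octets
  esac
  case "$prefix" in
    ''|*[!0-9]*|0[0-9]*|???*) return 1 ;; # 1-2 digits, no leading zero
  esac
  [ "$prefix" -le 32 ] || return 1
  old_ifs=$IFS; IFS=.
  set -- $addr                            # split octets; addr is digits and dots only
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    case "$octet" in
      0[0-9]*|????*) return 1 ;;          # no leading zeros, at most 3 digits
    esac
    [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Print the subnet to use for leftsubnet: the override if valid, the
# full-tunnel default 0.0.0.0/0 if unset, and fail on anything malformed.
xauth_leftsubnet() {
  candidate=${1:-0.0.0.0/0}
  if is_ipv4_cidr "$candidate"; then
    printf '%s\n' "$candidate"
  else
    echo "invalid VPN_XAUTH_LEFTSUBNET, not writing config" >&2
    return 1
  fi
}

# Usage mirroring the comment above: resolve once, then emit the config line.
if XAUTH_LEFTSUBNET=$(xauth_leftsubnet "${VPN_XAUTH_LEFTSUBNET:-}"); then
  printf '  leftsubnet=%s\n' "$XAUTH_LEFTSUBNET"
fi
```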
