[GH-ISSUE #11] can't connect vpn service #11

Closed
opened 2026-03-02 07:11:02 +03:00 by kerem · 10 comments

Originally created by @rc452860 on GitHub (Sep 29, 2016).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/11

[root@sakura ~]# vi /etc/sysctl.conf
[root@sakura ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
[root@sakura ~]# docker restart ipsec-vpn-server
ipsec-vpn-server
[root@sakura ~]# docker ps | grep ipsec-vpn-server
28a744dcf368        hwdsl2/ipsec-vpn-server   "/run.sh"           3 minutes ago       Up 7 seconds        0.0.0.0:500->500/udp, 0.0.0.0:4500->4500/udp   ipsec-vpn-server
[root@sakura ~]# docker logs ipsec-vpn-server

Trying to auto discover IPs of this server...

================================================

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: ********
IPsec PSK: ********
Username: ********
Password: ********

Write these down. You'll need them to connect!

Setup VPN clients: https://git.io/vpnclients

================================================

Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: Initializing NSS database

.
xl2tpd[1]: setsockopt recvref[30]: Protocol not available
xl2tpd[1]: This binary does not support kernel L2TP.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 28a744dcf368 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
xl2tpd[1]: death_handler: Fatal signal 15 received

Trying to auto discover IPs of this server...

================================================

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: ********
IPsec PSK: ********
Username: ********
Password: ********

Write these down. You'll need them to connect!

Setup VPN clients: https://git.io/vpnclients

================================================

Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: .
xl2tpd[1]: setsockopt recvref[30]: Protocol not available
xl2tpd[1]: This binary does not support kernel L2TP.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 28a744dcf368 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
[root@sakura ~]# docker exec -it ipsec-vpn-server netstat -anput
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 127.0.0.1:4500          0.0.0.0:*                           566/pluto
udp        0      0 172.17.0.2:4500         0.0.0.0:*                           566/pluto
udp        0      0 0.0.0.0:1701            0.0.0.0:*                           1/xl2tpd
udp        0      0 127.0.0.1:500           0.0.0.0:*                           566/pluto
udp        0      0 172.17.0.2:500          0.0.0.0:*                           566/pluto
udp6       0      0 ::1:500                 :::*                                566/pluto
[root@sakura ~]# netstat -anput
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3548/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3472/master
tcp        0      0 ********:22         ********:34916    ESTABLISHED 16477/sshd: root@pt
tcp        0      0 ********:22         ********:37517    ESTABLISHED 20814/sshd: root@pt
tcp        0     36 ********:22         ********:36064    ESTABLISHED 21031/sshd: root@pt
tcp        0      0 ********:22         ********:36563    ESTABLISHED 16887/sshd: root@pt
tcp        0      0 ********:22         ********:34812    ESTABLISHED 20873/sshd: root@pt
tcp6       0      0 :::22                   :::*                    LISTEN      3548/sshd
tcp6       0      0 ::1:25                  :::*                    LISTEN      3472/master
udp        0      0 172.17.0.1:123          0.0.0.0:*                           451/ntpd
udp        0      0 ********:123        0.0.0.0:*                           451/ntpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           451/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           451/ntpd
udp        0      0 0.0.0.0:14769           0.0.0.0:*                           1024/dhclient
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1024/dhclient
udp6       0      0 :::51550                :::*                                1024/dhclient
udp6       0      0 fe80::1ced:73ff:fe5:123 :::*                                451/ntpd
udp6       0      0 fe80::42:1dff:fe54::123 :::*                                451/ntpd
udp6       0      0 fe80::5400:ff:fe37::123 :::*                                451/ntpd
udp6       0      0 ********:123 :::*                                451/ntpd
udp6       0      0 ::1:123                 :::*                                451/ntpd
udp6       0      0 :::123                  :::*                                451/ntpd
udp6       0      0 :::4500                 :::*                                24710/docker-proxy
udp6       0      0 :::500                  :::*                                24717/docker-proxy
[root@sakura ~]#

The service seems normal, but I still cannot connect.

[root@sakura ~]# docker version
Client:
 Version:      1.12.1
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   23cf638
 Built:
 OS/Arch:      linux/amd64

Server:
 Version:      1.12.1
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   23cf638
 Built:
 OS/Arch:      linux/amd64


[root@sakura ~]# uname -a
Linux sakura 3.10.0-327.28.3.el7.x86_64 #1 SMP Thu Aug 18 19:05:49 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

[root@sakura ~]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
kerem closed this issue 2026-03-02 07:11:02 +03:00

@rc452860 commented on GitHub (Sep 29, 2016):

I have tried to restart. That is not working. My client system is Win10 Pro.


@hwdsl2 commented on GitHub (Sep 29, 2016):

@rc452860 Your logs and command outputs all seem normal. What error did you see on your win10 computer?

Also please destroy and recreate the Docker container with a more secure PSK and password.


@rc452860 commented on GitHub (Sep 29, 2016):

The network connection between the computer and the VPN server could not be established because the remote server is not responding.


@rc452860 commented on GitHub (Sep 29, 2016):

Unable to establish a network connection between the computer and the VPN server because the remote server is not responding.


@hwdsl2 commented on GitHub (Sep 29, 2016):

@rc452860 Please follow the steps in [1] to fix this issue. Reboot your PC after adding the registry key.

[1] https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#troubleshooting


@rc452860 commented on GitHub (Sep 29, 2016):

It is still not working. I have no problem with direct installation, but in Docker it is not working.


@hwdsl2 commented on GitHub (Sep 29, 2016):

@rc452860 Can you try connecting using a different device, such as a mobile phone?


@rc452860 commented on GitHub (Sep 29, 2016):

Mobile phones can be connected ...


@hwdsl2 commented on GitHub (Sep 29, 2016):

@rc452860 OK. That means your server is working good. For your win10 computer, please double check that you have followed the troubleshooting steps in [1]. Remove and re-create the VPN connection if needed.

[1] https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md


@rc452860 commented on GitHub (Sep 29, 2016):

Thanks...
