[GH-ISSUE #12] How to allow clients to connect to each other? #12

Closed
opened 2026-03-02 07:11:02 +03:00 by kerem · 5 comments

Originally created by @013231 on GitHub (Oct 11, 2016).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/12

I've set up a VPN server and now every client is connected to the server. The connections between clients and server are perfect, but these clients can't communicate with each other. How to solve this problem?

kerem closed this issue 2026-03-02 07:11:02 +03:00

@hwdsl2 commented on GitHub (Oct 11, 2016):

@013231 If the VPN clients are connected to the server via IPsec/L2TP, they should be assigned IPs within the VPN subnet 192.168.42.0/24. For example, the VPN server is at 192.168.42.1, and VPN clients are at 192.168.42.10, 192.168.42.11, 192.168.42.12, etc. In the default configuration, VPN clients can communicate with each other using the IP addresses as mentioned above.


@013231 commented on GitHub (Oct 11, 2016):

@hwdsl2 Thanks. I know the subnet IPs, but these clients really cannot communicate with each other.

`ping 192.168.42.1` (ping server from client0):

> PING 192.168.42.1 (192.168.42.1) 56(84) bytes of data.
> 64 bytes from 192.168.42.1: icmp_seq=1 ttl=64 time=6.75 ms
> 64 bytes from 192.168.42.1: icmp_seq=2 ttl=64 time=6.21 ms

`ping 192.168.42.1` (ping server from client1):

> PING 192.168.42.1 (192.168.42.1) 56(84) bytes of data.
> 64 bytes from 192.168.42.1: icmp_seq=1 ttl=64 time=6.59 ms
> 64 bytes from 192.168.42.1: icmp_seq=2 ttl=64 time=6.34 ms

`ping 192.168.42.10` (ping client0 from server):

> PING 192.168.42.10 (192.168.42.10): 56 data bytes
> 64 bytes from 192.168.42.10: icmp_seq=0 ttl=64 time=8.417 ms
> 64 bytes from 192.168.42.10: icmp_seq=1 ttl=64 time=6.512 ms

`ping 192.168.42.11` (ping client1 from server):

> PING 192.168.42.11 (192.168.42.11): 56 data bytes
> 64 bytes from 192.168.42.11: icmp_seq=0 ttl=64 time=7.997 ms
> 64 bytes from 192.168.42.11: icmp_seq=1 ttl=64 time=6.219 ms

`ping 192.168.42.11` (ping client1 from client0):

> PING 192.168.42.11 (192.168.42.11) 56(84) bytes of data.
> 7 packets transmitted, 0 received, 100% packet loss, time 5999ms

And I found the solution:
http://unix.stackexchange.com/questions/110436/pptp-allow-remote-clients-to-communicate-with-each-other


@hwdsl2 commented on GitHub (Oct 11, 2016):

@013231 Thanks for the update, and happy to hear you got it working. I still think that the IPTables rules in run.sh should take care of this. See [run.sh#L210-L224](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/run.sh#L210-L224)


@013231 commented on GitHub (Oct 11, 2016):

@hwdsl2 Sorry, I use an old image without [run.sh#L216](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/run.sh#L216) 😓


@hwdsl2 commented on GitHub (Oct 11, 2016):

@013231 Ah I see where the problem is. I suggest that you update to the latest image using `docker pull hwdsl2/ipsec-vpn-server`, and deploy a new container using instructions from the README. You may need to stop or destroy the old container before this step.
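
Added example, not part of the thread and not the project's run.sh: a first-match evaluator over constructed `iptables -S FORWARD` output. It is consistent with the ping results above, because pings to and from 192.168.42.1 terminate on the server and never enter FORWARD, while client0 to client1 is routed through it. The rule sets, the `ppp+`/`eth+` interface names and all function names are assumptions for illustration.

```python
import ipaddress
import shlex

# Constructed FORWARD chains in `iptables -S FORWARD` format (not taken from run.sh).
OLD_RULES = """\
-P FORWARD DROP
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ppp+ -o eth+ -j ACCEPT
"""
# Same chain plus a hypothetical client-to-client rule scoped to the VPN subnet.
NEW_RULES = OLD_RULES + (
    "-A FORWARD -s 192.168.42.0/24 -d 192.168.42.0/24 -i ppp+ -o ppp+ -j ACCEPT\n"
)
HANDLED = {"-i", "-o", "-s", "-d", "-m", "--ctstate", "-j"}

def iface_match(pattern, iface):
    # In iptables a trailing "+" matches any interface name with that prefix.
    if pattern.endswith("+"):
        return iface.startswith(pattern[:-1])
    return iface == pattern

def forward_verdict(rules, in_if, out_if, src, dst):
    """First-match verdict for a NEW forwarded packet (negation unsupported)."""
    policy = "ACCEPT"
    for line in rules.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "FORWARD"]:
            policy = tok[2]
            continue
        if tok[:2] != ["-A", "FORWARD"]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))
        if set(opts) - HANDLED:
            # Fail loudly rather than guess at options this sketch does not model.
            raise ValueError(f"unsupported option in: {line}")
        if "--ctstate" in opts and "NEW" not in opts["--ctstate"].split(","):
            continue
        if "-i" in opts and not iface_match(opts["-i"], in_if):
            continue
        if "-o" in opts and not iface_match(opts["-o"], out_if):
            continue
        if "-s" in opts and ipaddress.ip_address(src) not in ipaddress.ip_network(opts["-s"]):
            continue
        if "-d" in opts and ipaddress.ip_address(dst) not in ipaddress.ip_network(opts["-d"]):
            continue
        if opts.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return opts["-j"]
    return policy
```

Keeping the added rule restricted to the VPN subnet on both `-s` and `-d` limits the change to client-to-client traffic; every connected client then becomes reachable from every other client, so host firewalls on the clients matter more once it is enabled.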
