[GH-ISSUE #141] How to configure server route tables or gateway to let the remote server visit local network? #127

Closed
opened 2026-03-02 07:27:57 +03:00 by kerem · 4 comments
Owner

Originally created by @Laruto on GitHub (Apr 22, 2019).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/141

Problem

I tried to use IPsec vpn tunnel to let remote server visit services on local network.

After start the docker container, my PC can connect to the IPsec server, and my PC can visit remote service. However, when I try to ping back my PC on the server, it failed. I noticed that something need to be done, such as adding a gateway record to route tables, but I don't know how to.

The following is the server's route tables:

image

The following is the server's IPsec status:

image

Thanks!

Originally created by @Laruto on GitHub (Apr 22, 2019). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/141 ## Problem I tried to use IPsec vpn tunnel to let remote server visit services on local network. After start the docker container, my PC can connect to the IPsec server, and my PC can visit remote service. However, when I try to ping back my PC on the server, it failed. I noticed that something need to be done, such as adding a gateway record to `route tables`, but I don't know how to. ### The following is the server's `route tables`: ![image](https://user-images.githubusercontent.com/19355223/56492825-874ef100-651f-11e9-99fb-dc309d108dae.png) ### The following is the server's IPsec status: ![image](https://user-images.githubusercontent.com/19355223/56493017-3f7c9980-6520-11e9-86e8-995eef122763.png) Thanks!
kerem closed this issue 2026-03-02 07:27:57 +03:00
Author
Owner

@cmsax commented on GitHub (Apr 22, 2019):

Try this:

route add -net 192.168.0.0/18 gw 192.168.42.11
<!-- gh-comment-id:485373069 --> @cmsax commented on GitHub (Apr 22, 2019): Try this: ```bash route add -net 192.168.0.0/18 gw 192.168.42.11 ```
Author
Owner

@Laruto commented on GitHub (Apr 22, 2019):

Try this:

route add -net 192.168.0.0/18 gw 192.168.42.11

network is unreachable

<!-- gh-comment-id:485374410 --> @Laruto commented on GitHub (Apr 22, 2019): > Try this: > > ```shell > route add -net 192.168.0.0/18 gw 192.168.42.11 > ``` network is unreachable
Author
Owner

@hwdsl2 commented on GitHub (Apr 22, 2019):

@Laruto Hello! AFAIK there are a few issues that prevent your use case from working with this Docker image.

Firstly, it is generally more difficult to access the VPN client’s local network from the VPN server. The reverse is normally easier.

Secondly, while connected to the VPN, you may access the VPN client itself from the VPN server using its assigned internal VPN IP (e.g. 192.168.42.10). This is true when not using Docker. However, Docker enforces isolation for the VPN container, such that access to these internal VPN IPs is possible only from inside the container, not from outside (on the Docker host).

Commands that @cmsax suggested could work if you are not using Docker, but instead set up the VPN directly using scripts from my other repo.

<!-- gh-comment-id:485375470 --> @hwdsl2 commented on GitHub (Apr 22, 2019): @Laruto Hello! AFAIK there are a few issues that prevent your use case from working with this Docker image. Firstly, it is generally more difficult to access the VPN client’s local network from the VPN server. The reverse is normally easier. Secondly, while connected to the VPN, you may access the VPN client itself from the VPN server using its assigned internal VPN IP (e.g. 192.168.42.10). This is true when not using Docker. However, Docker enforces isolation for the VPN container, such that access to these internal VPN IPs is possible only from inside the container, not from outside (on the Docker host). Commands that @cmsax suggested could work if you are not using Docker, but instead set up the VPN directly using scripts from my other repo.
Author
Owner

@ldlPlus commented on GitHub (Dec 24, 2020):

我也想知道该怎么弄

<!-- gh-comment-id:750942568 --> @ldlPlus commented on GitHub (Dec 24, 2020): 我也想知道该怎么弄
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#127
No description provided.