starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #191] l2tp without IPSec #175

New issue
Closed
opened 2026-03-02 07:44:28 +03:00 by kerem · 6 comments
kerem commented 2026-03-02 07:44:28 +03:00
Owner
Copy link

Originally created by @ilya-demidovich on GitHub (May 11, 2020).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/191

Hello!

First of all, thank you for this image:-)

Could you please add an option to use your image without IPSec?
Or maybe can you suggest how to modify it? In my case I need only pure l2tp with login/pass auth.

Best,
Ilya

Originally created by @ilya-demidovich on GitHub (May 11, 2020). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/191 Hello! First of all, thank you for this image:-) Could you please add an option to use your image without IPSec? Or maybe can you suggest how to modify it? In my case I need only pure l2tp with login/pass auth. Best, Ilya
kerem closed this issue 2026-03-02 07:44:28 +03:00
kerem commented 2026-03-02 07:44:29 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (May 12, 2020):

@krotish Hello! Using L2TP without IPsec is not supported, because network traffic is not encrypted at all in this mode, which defeats the purpose of using a VPN.

<!-- gh-comment-id:627083812 --> @hwdsl2 commented on GitHub (May 12, 2020): @krotish Hello! Using L2TP without IPsec is not supported, because network traffic is not encrypted at all in this mode, which defeats the purpose of using a VPN.
kerem commented 2026-03-02 07:44:30 +03:00
Author
Owner
Copy link

@pilot7747 commented on GitHub (Jun 13, 2022):

@hwdsl2 Hello! I've found multiple issues mentioning that users want to setup L2TP without IPsec and it perfectly makes sense:

  1. Many routers support only L2TP (without IPsec)
  2. There are million possible reasons to use an unencrypted VPN, e.g., just to change a location or bypass banned web-sites

So, it would be great if you could suggest how to modify the image.

<!-- gh-comment-id:1154090852 --> @pilot7747 commented on GitHub (Jun 13, 2022): @hwdsl2 Hello! I've found multiple issues mentioning that users want to setup L2TP without IPsec and it perfectly makes sense: 1. Many routers support only L2TP (without IPsec) 2. There are million possible reasons to use an unencrypted VPN, e.g., just to change a location or bypass banned web-sites So, it would be great if you could suggest how to modify the image.
kerem commented 2026-03-02 07:44:30 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Jun 14, 2022):

@pilot7747 Thanks for your suggestion. However, I don't have plans to enable L2TP without IPsec in this project, because traffic in this mode is unencrypted and it is NOT designed for use as a VPN. Some routers support this mode, but usually this is only intended for connecting to certain ISPs.

With that said, it is relatively straightforward to modify this project to enable L2TP without IPsec (this is NOT recommended as I said) if you build from source code [1]. More specifically:

  1. Remove line 547 and 552 in run.sh to allow this in the IPTables firewall:
    github.com/hwdsl2/docker-ipsec-vpn-server@ea3fa1950a/run.sh (L547)
    github.com/hwdsl2/docker-ipsec-vpn-server@ea3fa1950a/run.sh (L552)
  2. Additionally open 1701/udp in Dockerfile:
    github.com/hwdsl2/docker-ipsec-vpn-server@ea3fa1950a/Dockerfile (L45)
  3. Additionally map port 1701 in the Docker run command to the same port on the Docker host:
    https://github.com/hwdsl2/docker-ipsec-vpn-server#quick-start

[1] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#build-from-source-code

<!-- gh-comment-id:1154653828 --> @hwdsl2 commented on GitHub (Jun 14, 2022): @pilot7747 Thanks for your suggestion. However, I don't have plans to enable L2TP without IPsec in this project, because traffic in this mode is unencrypted and it is NOT designed for use as a VPN. Some routers support this mode, but usually this is only intended for connecting to certain ISPs. With that said, it is relatively straightforward to modify this project to enable L2TP without IPsec (this is NOT recommended as I said) if you build from source code [1]. More specifically: 1. Remove line 547 and 552 in `run.sh` to allow this in the IPTables firewall: https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/ea3fa1950a3e0541fa2701811915d12a32f358f2/run.sh#L547 https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/ea3fa1950a3e0541fa2701811915d12a32f358f2/run.sh#L552 2. Additionally open 1701/udp in `Dockerfile`: https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/ea3fa1950a3e0541fa2701811915d12a32f358f2/Dockerfile#L45 3. Additionally map port 1701 in the `Docker run` command to the same port on the Docker host: https://github.com/hwdsl2/docker-ipsec-vpn-server#quick-start [1] https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#build-from-source-code
kerem commented 2026-03-02 07:44:30 +03:00
Author
Owner
Copy link

@SysAdmln commented on GitHub (Dec 20, 2022):

https://hub.docker.com/repository/docker/sysadmln/l2tp_without_ipsec

<!-- gh-comment-id:1359000822 --> @SysAdmln commented on GitHub (Dec 20, 2022): https://hub.docker.com/repository/docker/sysadmln/l2tp_without_ipsec
kerem commented 2026-03-02 07:44:30 +03:00
Author
Owner
Copy link

@techriffic commented on GitHub (Mar 24, 2024):

https://hub.docker.com/repository/docker/sysadmln/l2tp_without_ipsec

hi would it be possible to update it to work with arm linux also?
i have built an image myself but i might have missed something or did something wrong.

l2tpd[1]: Connection established to xxxxx, 29332. Local: 62131, Remote: 17452 (ref=0/0). LNS session is 'default'
xl2tpd[1]: check_control: Received out of order control packet on tunnel 17452 (got 3, expected 2)
xl2tpd[1]: handle_control: bad control packet!
xl2tpd[1]: Can not find tunnel 33317 (refhim=0)
xl2tpd[1]: network_thread: unable to find call or tunnel to handle packet. call = 51737, tunnel = 33317 Dumping.

<!-- gh-comment-id:2016698366 --> @techriffic commented on GitHub (Mar 24, 2024): > https://hub.docker.com/repository/docker/sysadmln/l2tp_without_ipsec hi would it be possible to update it to work with arm linux also? i have built an image myself but i might have missed something or did something wrong. l2tpd[1]: Connection established to xxxxx, 29332. Local: 62131, Remote: 17452 (ref=0/0). LNS session is 'default' xl2tpd[1]: check_control: Received out of order control packet on tunnel 17452 (got 3, expected 2) xl2tpd[1]: handle_control: bad control packet! xl2tpd[1]: Can not find tunnel 33317 (refhim=0) xl2tpd[1]: network_thread: unable to find call or tunnel to handle packet. call = 51737, tunnel = 33317 Dumping.
kerem commented 2026-03-02 07:44:30 +03:00
Author
Owner
Copy link

@degritsenko commented on GitHub (Aug 31, 2024):

https://hub.docker.com/repository/docker/sysadmln/l2tp_without_ipsec

hi would it be possible to update it to work with arm linux also? i have built an image myself but i might have missed something or did something wrong.

l2tpd[1]: Connection established to xxxxx, 29332. Local: 62131, Remote: 17452 (ref=0/0). LNS session is 'default' xl2tpd[1]: check_control: Received out of order control packet on tunnel 17452 (got 3, expected 2) xl2tpd[1]: handle_control: bad control packet! xl2tpd[1]: Can not find tunnel 33317 (refhim=0) xl2tpd[1]: network_thread: unable to find call or tunnel to handle packet. call = 51737, tunnel = 33317 Dumping.

https://hub.docker.com/r/gritsenko/l2tp_without_ipsec/tags

<!-- gh-comment-id:2322867913 --> @degritsenko commented on GitHub (Aug 31, 2024): > > https://hub.docker.com/repository/docker/sysadmln/l2tp_without_ipsec > > hi would it be possible to update it to work with arm linux also? i have built an image myself but i might have missed something or did something wrong. > > l2tpd[1]: Connection established to xxxxx, 29332. Local: 62131, Remote: 17452 (ref=0/0). LNS session is 'default' xl2tpd[1]: check_control: Received out of order control packet on tunnel 17452 (got 3, expected 2) xl2tpd[1]: handle_control: bad control packet! xl2tpd[1]: Can not find tunnel 33317 (refhim=0) xl2tpd[1]: network_thread: unable to find call or tunnel to handle packet. call = 51737, tunnel = 33317 Dumping. https://hub.docker.com/r/gritsenko/l2tp_without_ipsec/tags
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#175
No description provided.