[GH-ISSUE #218] IOS can't connect with l2tp #202

New issue

Closed

opened 2026-03-02 07:44:43 +03:00 by kerem · 1 comment

kerem commented 2026-03-02 07:44:43 +03:00

Owner

Copy link

Originally created by @xingon on GitHub (Dec 29, 2020).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/218

my phone is ipone 12 pro max...i installed docker and restarted docker couple of times ...it can't connect at all...this is my information

[root@korea ~]# docker exec -it ipsec-vpn-server netstat -anput
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
udp        0      0 127.0.0.1:4500          0.0.0.0:*                           253/pluto           
udp        0      0 172.17.0.3:4500         0.0.0.0:*                           253/pluto           
udp        0      0 127.0.0.1:500           0.0.0.0:*                           253/pluto           
udp        0      0 172.17.0.3:500          0.0.0.0:*                           253/pluto           
udp        0      0 0.0.0.0:1701            0.0.0.0:*                           1/xl2tpd   

[root@korea ~]# docker logs ipsec-vpn-server

Trying to auto discover IP of this server...

================================================

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: *****
IPsec PSK: *****
Username: *****
Password: *****

Write these down. You'll need them to connect!

Important notes:   https://git.io/vpnnotes2
Setup VPN clients: https://git.io/vpnclients
IKEv2 guide:       https://git.io/ikev2docker

================================================

Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: Initializing NSS database

.
xl2tpd[1]: Not looking for kernel SAref support.
xl2tpd[1]: Using l2tp kernel support.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on 567c195a0d14 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
xl2tpd[1]: death_handler: Fatal signal 15 received

Trying to auto discover IP of this server...

================================================

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: *****
IPsec PSK: *****
Username: *****
Password: *****

Write these down. You'll need them to connect!

Important notes:   https://git.io/vpnnotes2
Setup VPN clients: https://git.io/vpnclients
IKEv2 guide:       https://git.io/ikev2docker

================================================

Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: .
xl2tpd[1]: Not looking for kernel SAref support.
xl2tpd[1]: Using l2tp kernel support.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on 567c195a0d14 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701

Originally created by @xingon on GitHub (Dec 29, 2020). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/218 my phone is ipone 12 pro max...i installed docker and restarted docker couple of times ...it can't connect at all...this is my information ``` [root@korea ~]# docker exec -it ipsec-vpn-server netstat -anput Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 127.0.0.1:4500 0.0.0.0:* 253/pluto udp 0 0 172.17.0.3:4500 0.0.0.0:* 253/pluto udp 0 0 127.0.0.1:500 0.0.0.0:* 253/pluto udp 0 0 172.17.0.3:500 0.0.0.0:* 253/pluto udp 0 0 0.0.0.0:1701 0.0.0.0:* 1/xl2tpd [root@korea ~]# docker logs ipsec-vpn-server Trying to auto discover IP of this server... ================================================ IPsec VPN server is now ready for use! Connect to your new VPN with these details: Server IP: ***** IPsec PSK: ***** Username: ***** Password: ***** Write these down. You'll need them to connect! Important notes: https://git.io/vpnnotes2 Setup VPN clients: https://git.io/vpnclients IKEv2 guide: https://git.io/ikev2docker ================================================ Redirecting to: /etc/init.d/ipsec start Starting pluto IKE daemon for IPsec: Initializing NSS database . xl2tpd[1]: Not looking for kernel SAref support. xl2tpd[1]: Using l2tp kernel support. xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on 567c195a0d14 PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 xl2tpd[1]: death_handler: Fatal signal 15 received Trying to auto discover IP of this server... ================================================ IPsec VPN server is now ready for use! Connect to your new VPN with these details: Server IP: ***** IPsec PSK: ***** Username: ***** Password: ***** Write these down. You'll need them to connect! Important notes: https://git.io/vpnnotes2 Setup VPN clients: https://git.io/vpnclients IKEv2 guide: https://git.io/ikev2docker ================================================ Redirecting to: /etc/init.d/ipsec start Starting pluto IKE daemon for IPsec: . xl2tpd[1]: Not looking for kernel SAref support. xl2tpd[1]: Using l2tp kernel support. xl2tpd[1]: xl2tpd version xl2tpd-1.3.12 started on 567c195a0d14 PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 ```

kerem closed this issue 2026-03-02 07:44:44 +03:00

kerem commented 2026-03-02 07:44:44 +03:00

Author

Owner

Copy link

@hwdsl2 commented on GitHub (Dec 29, 2020):

@xingon Hello! The logs you posted look normal, but show no connection attempts. Please enable Libreswan logs (see [1]), try re-connecting the VPN client, then check logs for errors. If no new log appears after trying to connect, then traffic did not reach your VPN server.

Some server providers, such as GCE and AWS, requires configuration of security groups or firewall rules to open ports for the VPN. Make sure to open UDP port 500 and UDP port 4500 in such cases.

[1] https://github.com/hwdsl2/docker-ipsec-vpn-server#enable-libreswan-logs

<!-- gh-comment-id:752213332 --> @hwdsl2 commented on GitHub (Dec 29, 2020): @xingon Hello! The logs you posted look normal, but show no connection attempts. Please enable Libreswan logs (see [1]), try re-connecting the VPN client, then check logs for errors. If no new log appears after trying to connect, then traffic did not reach your VPN server. Some server providers, such as GCE and AWS, requires configuration of security groups or firewall rules to open ports for the VPN. Make sure to open UDP port 500 and UDP port 4500 in such cases. [1] https://github.com/hwdsl2/docker-ipsec-vpn-server#enable-libreswan-logs

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

No results found.

Labels

Clear labels   

bug

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

No labels

bug

pull-request

question

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/docker-ipsec-vpn-server#202

No description provided.