[GH-ISSUE #225] How to support extra configuration options for macOS Big Sur problem #208

Closed
opened 2026-03-02 07:44:46 +03:00 by kerem · 2 comments

Originally created by @yegor256 on GitHub (Feb 3, 2021).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/225

Check this out: https://serverfault.com/questions/1045012/configuring-l2tp-vpn-to-use-with-ios-14-and-macos-big-sur The latest version of macOS (11.2 Big Sur) is not working with VPN anymore. There should be some possibility to configure additional options.

[This page](https://www.reddit.com/r/MacOSBeta/comments/ih22h9/vpn_l2tp_over_ipsec_stopped_working_after/g8ora2x/?utm_source=reddit&utm_medium=web2x&context=3) says that "Switching the SHA-256 HMAC output from 96 to 128 bits on the server should fix this issue". How can I do this?
kerem closed this issue 2026-03-02 07:44:46 +03:00

@hwdsl2 commented on GitHub (Feb 3, 2021):

@yegor256 Hello! As indicated in the link you mentioned, this issue only occurs if you have `sha2-truncbug=yes` in `/etc/ipsec.conf` on the VPN server, and changing `sha2-truncbug=yes` to `sha2-truncbug=no` in that file and running `sudo service ipsec restart` fixes it.

For this Docker image, `sha2-truncbug=no` has been the default value since 2019-09-22 (57fa056). Therefore it is not affected unless you are using a very old version of this image, in which case you can update to the latest version [1].

[1] https://github.com/hwdsl2/docker-ipsec-vpn-server#update-docker-image
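To check a server's own `/etc/ipsec.conf` for the setting described in the comment above, here is an added example (not part of the original thread or the project's code): a shell function that lists the conn sections whose effective `sha2-truncbug` is `yes`, including values inherited from `conn %default`. The sample config and its conn names are constructed, and `also=` includes are not followed.

```shell
#!/bin/sh
# Added example: list conn sections of a Libreswan-style ipsec.conf whose
# effective sha2-truncbug value is "yes". Assumption: also= is not followed.

# Constructed sample config (not taken from the page or the Docker image).
sample_conf() {
    cat <<'EOF'
config setup
    uniqueids=no

conn %default
    sha2-truncbug=yes   # legacy default

conn l2tp-psk
    type=transport

conn xauth-psk
    sha2-truncbug=no

conn ikev2-cp
    sha2-truncbug = yes
EOF
}

# truncbug_conns [FILE]: print each affected conn name, one per line.
# Reads standard input when no FILE is given.
truncbug_conns() {
    awk '
        BEGIN { dflt = "no" }                    # value used when nothing is set
        function flush() {
            # effective value: own setting of the conn, else the %default one
            if (name != "" && name != "%default") {
                v = (own != "") ? own : dflt
                if (v == "yes") print name
            }
        }
        { sub(/#.*/, "") }                       # strip comments
        /^[ \t]*$/ { next }                      # skip blank lines
        /^conn[ \t]+/ { flush(); name = $2; own = ""; next }
        /^[^ \t]/ { flush(); name = ""; next }   # config setup or other section
        name != "" {
            line = $0
            gsub(/[ \t]/, "", line)              # tolerate spaces around "="
            if (line ~ /^sha2-truncbug=/) {
                sub(/^sha2-truncbug=/, "", line)
                if (name == "%default") dflt = line; else own = line
            }
        }
        END { flush() }
    ' "$@"
}

sample_conf | truncbug_conns
```

On a real server, run `truncbug_conns /etc/ipsec.conf`; empty output means no conn section ends up with `sha2-truncbug=yes`.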

@yegor256 commented on GitHub (Feb 3, 2021):

@hwdsl2 indeed, the latest Docker image works just fine, thanks!