starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #228] k8s安装运行无错误,但是不能接入,怀疑地址绑定没有0.0.0.0 #212

New issue
Closed
opened 2026-03-02 07:44:47 +03:00 by kerem · 3 comments
kerem commented 2026-03-02 07:44:47 +03:00
Owner
Copy link

Originally created by @nickelzhang on GitHub (Feb 19, 2021).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/228

任务列表

问题描述
使用清楚简明的语言描述这个 bug。
如题
pluto[266]: 2 CPU cores online
pluto[266]: starting up 2 helper threads
pluto[266]: started thread for helper 0
pluto[266]: seccomp security for helper not supported
pluto[266]: started thread for helper 1
pluto[266]: Using Linux XFRM/NETKEY IPsec kernel support code on 5.4.0-65-generic
pluto[266]: seccomp security not supported
pluto[266]: seccomp security for helper not supported
pluto[266]: added IKEv1 connection "l2tp-psk"
pluto[266]: added IKEv1 connection "xauth-psk"
pluto[266]: listening for IKE messages
pluto[266]: Kernel supports NIC esp-hw-offload
pluto[266]: adding UDP interface eth0 10.42.1.106:500
pluto[266]: adding UDP interface eth0 10.42.1.106:4500
pluto[266]: adding UDP interface lo 127.0.0.1:500
pluto[266]: adding UDP interface lo 127.0.0.1:4500
pluto[266]: adding UDP interface lo [::1]:500
pluto[266]: loading secrets from "/etc/ipsec.secrets"
重现步骤
重现该 bug 的步骤:

  1. ...
  2. ...

期待的正确结果
简要地描述你期望的正确结果。

日志
启用日志,检查 VPN 状态,并且添加错误日志以帮助解释该问题(如果适用)。

服务器信息(请填写以下信息)

  • Docker 主机操作系统: [比如 Ubuntu 20.04]
  • 服务提供商(如果适用): [比如 GCP, AWS]

客户端信息(请填写以下信息)

  • 设备: [比如 iPhone 8]
  • 操作系统: [比如 iOS 13.6]
  • VPN 模式: [IPsec/L2TP, IPsec/XAuth ("Cisco IPsec") 或 IKEv2]

其它信息
添加关于该 bug 的其它信息。

Originally created by @nickelzhang on GitHub (Feb 19, 2021). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/228 **任务列表** - [ ] 我已阅读 [自述文件](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md) - [ ] 我已阅读 [重要提示](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md#重要提示) - [ ] 我已按照说明 [配置 VPN 客户端](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md#下一步) - [ ] 我检查了 [故障排除](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients-zh.md#故障排除),[启用日志](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md#启用-libreswan-日志) 并查看了 [VPN 状态](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients-zh.md#检查日志及-vpn-状态) - [ ] 我搜索了已有的 [Issues](https://github.com/hwdsl2/docker-ipsec-vpn-server/issues?q=is%3Aissue) - [ ] 这个 bug 是关于 IPsec VPN 服务器 Docker 镜像,而不是 IPsec VPN 本身 <!--- 如果你需要关于 IPsec VPN 本身的帮助,请参见 [问题和反馈](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/README-zh.md#问题和反馈)。VPN 的相关问题可在 [Libreswan](https://lists.libreswan.org/mailman/listinfo/swan) 或 [strongSwan](https://lists.strongswan.org/mailman/listinfo/users) 邮件列表提问,或者搜索比如 [Stack Overflow](https://stackoverflow.com/questions/tagged/vpn) 等网站。 ---> **问题描述** 使用清楚简明的语言描述这个 bug。 如题 pluto[266]: 2 CPU cores online pluto[266]: starting up 2 helper threads pluto[266]: started thread for helper 0 pluto[266]: seccomp security for helper not supported pluto[266]: started thread for helper 1 pluto[266]: Using Linux XFRM/NETKEY IPsec kernel support code on 5.4.0-65-generic pluto[266]: seccomp security not supported pluto[266]: seccomp security for helper not supported pluto[266]: added IKEv1 connection "l2tp-psk" pluto[266]: added IKEv1 connection "xauth-psk" pluto[266]: listening for IKE messages pluto[266]: Kernel supports NIC esp-hw-offload pluto[266]: adding UDP interface eth0 10.42.1.106:500 pluto[266]: adding UDP interface eth0 10.42.1.106:4500 pluto[266]: adding UDP interface lo 127.0.0.1:500 pluto[266]: adding UDP interface lo 127.0.0.1:4500 pluto[266]: adding UDP interface lo [::1]:500 pluto[266]: loading secrets from "/etc/ipsec.secrets" **重现步骤** 重现该 bug 的步骤: 1. ... 2. ... **期待的正确结果** 简要地描述你期望的正确结果。 **日志** [启用日志](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md#启用-libreswan-日志),检查 [VPN 状态](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients-zh.md#检查日志及-vpn-状态),并且添加错误日志以帮助解释该问题(如果适用)。 **服务器信息(请填写以下信息)** - Docker 主机操作系统: [比如 Ubuntu 20.04] - 服务提供商(如果适用): [比如 GCP, AWS] **客户端信息(请填写以下信息)** - 设备: [比如 iPhone 8] - 操作系统: [比如 iOS 13.6] - VPN 模式: [IPsec/L2TP, IPsec/XAuth ("Cisco IPsec") 或 IKEv2] **其它信息** 添加关于该 bug 的其它信息。
kerem closed this issue 2026-03-02 07:44:47 +03:00
kerem commented 2026-03-02 07:44:48 +03:00
Author
Owner
Copy link

@nickelzhang commented on GitHub (Feb 19, 2021):

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:1701 0.0.0.0:* 1/xl2tpd
udp 0 0 127.0.0.1:4500 0.0.0.0:* 4590/pluto
udp 0 0 10.42.1.106:4500 0.0.0.0:* 4590/pluto
udp 0 0 127.0.0.1:500 0.0.0.0:* 4590/pluto
udp 0 0 10.42.1.106:500 0.0.0.0:* 4590/pluto
udp6 0 0 ::1:500 :::* 4590/pluto

<!-- gh-comment-id:782041347 --> @nickelzhang commented on GitHub (Feb 19, 2021): Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 0.0.0.0:1701 0.0.0.0:* 1/xl2tpd udp 0 0 127.0.0.1:4500 0.0.0.0:* 4590/pluto udp 0 0 10.42.1.106:4500 0.0.0.0:* 4590/pluto udp 0 0 127.0.0.1:500 0.0.0.0:* 4590/pluto udp 0 0 10.42.1.106:500 0.0.0.0:* 4590/pluto udp6 0 0 ::1:500 :::* 4590/pluto
kerem commented 2026-03-02 07:44:48 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Feb 19, 2021):

@nickelzhang 你好!Libreswan默认不绑定0.0.0.0,而是绑定主机的一个或多个 IP 地址(如你的netstat 输出所示)。这是正常的,对 VPN 接入没有影响。你的日志显示 VPN 服务器成功启动并等待客户端连接。我觉得应该是你的配置有其它问题。示例配置你可以参见这个 PR:https://github.com/hwdsl2/setup-ipsec-vpn/pull/915

<!-- gh-comment-id:782191165 --> @hwdsl2 commented on GitHub (Feb 19, 2021): @nickelzhang 你好!Libreswan默认不绑定`0.0.0.0`,而是绑定主机的一个或多个 IP 地址(如你的netstat 输出所示)。这是正常的,对 VPN 接入没有影响。你的日志显示 VPN 服务器成功启动并等待客户端连接。我觉得应该是你的配置有其它问题。示例配置你可以参见这个 PR:https://github.com/hwdsl2/setup-ipsec-vpn/pull/915
kerem commented 2026-03-02 07:44:48 +03:00
Author
Owner
Copy link

@nickelzhang commented on GitHub (Feb 20, 2021):

谢谢您的回复,我再研究一下,感谢。

<!-- gh-comment-id:782520585 --> @nickelzhang commented on GitHub (Feb 20, 2021): 谢谢您的回复,我再研究一下,感谢。
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#212
No description provided.