starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #247] unable to automatically setup ikev2 due to "mount" command returning empty on alpine image #230

New issue
Closed
opened 2026-03-02 08:00:39 +03:00 by kerem · 2 comments
kerem commented 2026-03-02 08:00:39 +03:00
Owner
Copy link

Originally created by @neothematrix on GitHub (Jul 18, 2021).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247

Hello!
first of all, thanks for this extremely useful docker image!
I configured it on my nas and everything worked almost out of the box.
The issue I encountered is when I started to configure IKEv2 clients (no issues with L2TP/IPSEC), because I realized the docker image was not configuring the IKEv2 at all, even though I had a mounted volume for /etc/ipsec.d
I was using the alpine image, and realized that the "run.sh" script relies on the output of "mount" command to check if /etc/ipsec.d volume has been mounted, but for some reason, the "mount" command on the latest hwdsl2/ipsec-vpn-server (alpine image) returns empty.
I fixed it by using the "debian" version of the image, I'm not sure why it returns empty on alpine, and if it happens only to me, I couldn't find any open bug, but perhaps the "mount |grep ..." command could be replaced with "cat /proc/mounts |grep ..."?

After fixing this, another small issue I had (but it's a different issue) is that my docker host kernel does not have "MOBIKE" support, so until I forced "mobike=no" the ikev2 configuration was not loaded anyways, and it was not easy to understand why, I finally found the reason forcing the load of the "ikev2-cp" configuration with:

docker exec -ti ipsec-vpn-server /usr/local/sbin/ipsec auto --add ikev2-cp

where an informative message on missing MOBIKE kernel support helped me pinpointing the issue, perhaps it could be added to the troubleshooting doc?

again thanks a lot!

Originally created by @neothematrix on GitHub (Jul 18, 2021). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/247 Hello! first of all, thanks for this extremely useful docker image! I configured it on my nas and everything worked almost out of the box. The issue I encountered is when I started to configure IKEv2 clients (no issues with L2TP/IPSEC), because I realized the docker image was not configuring the IKEv2 at all, even though I had a mounted volume for /etc/ipsec.d I was using the alpine image, and realized that the "run.sh" script relies on the output of "mount" command to check if /etc/ipsec.d volume has been mounted, but for some reason, the "mount" command on the latest hwdsl2/ipsec-vpn-server (alpine image) returns empty. I fixed it by using the "debian" version of the image, I'm not sure why it returns empty on alpine, and if it happens only to me, I couldn't find any open bug, but perhaps the "mount |grep ..." command could be replaced with "cat /proc/mounts |grep ..."? After fixing this, another small issue I had (but it's a different issue) is that my docker host kernel does not have "MOBIKE" support, so until I forced "mobike=no" the ikev2 configuration was not loaded anyways, and it was not easy to understand why, I finally found the reason forcing the load of the "ikev2-cp" configuration with: `docker exec -ti ipsec-vpn-server /usr/local/sbin/ipsec auto --add ikev2-cp` where an informative message on missing MOBIKE kernel support helped me pinpointing the issue, perhaps it could be added to the troubleshooting doc? again thanks a lot!
kerem closed this issue 2026-03-02 08:00:39 +03:00
kerem commented 2026-03-02 08:00:40 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Jul 18, 2021):

@neothematrix Thanks for reporting. I'll update run.sh to check /proc/mounts instead. What is your Docker host's Linux flavor (e.g. Ubuntu) and version? And which kernel version is running on your Docker host? You can check with uname -a.

<!-- gh-comment-id:882098976 --> @hwdsl2 commented on GitHub (Jul 18, 2021): @neothematrix Thanks for reporting. I'll update `run.sh` to check `/proc/mounts` instead. What is your Docker host's Linux flavor (e.g. Ubuntu) and version? And which kernel version is running on your Docker host? You can check with `uname -a`.
kerem commented 2026-03-02 08:00:40 +03:00
Author
Owner
Copy link

@neothematrix commented on GitHub (Jul 18, 2021):

hello @hwdsl2 ,
thanks for the fast reply and fix, I confirm it's now working properly also with the alpine image!

As per my docker host, it's a qnap NAS, running a qnap-customized linux distro, here's the uname output:

$ uname -a
Linux qnap-nas 4.14.24-qnap #1 SMP Thu Jul 8 01:44:24 CST 2021 x86_64 GNU/Linux

thanks!

<!-- gh-comment-id:882111844 --> @neothematrix commented on GitHub (Jul 18, 2021): hello @hwdsl2 , thanks for the fast reply and fix, I confirm it's now working properly also with the alpine image! As per my docker host, it's a qnap NAS, running a qnap-customized linux distro, here's the uname output: `$ uname -a` `Linux qnap-nas 4.14.24-qnap #1 SMP Thu Jul 8 01:44:24 CST 2021 x86_64 GNU/Linux` thanks!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#230
No description provided.