[GH-ISSUE #263] Port forward issues #245

Closed
opened 2026-03-02 08:00:45 +03:00 by kerem · 1 comment

Originally created by @ray73864 on GitHub (Nov 10, 2021).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/263

Real head-scratcher this one is.

I have set up the docker container, set ports 500 and 4500 from the docker host to the docker container, installed strongSwan onto my Android phone and can connect to the VPN just fine using IKEv2.

However I want to be able to connect to the VPN externally so that I can access my network when I'm not at home.

I have a Cisco router (Cisco ISR 4321), which has a VPN preconfigured on it so that it is always connected to work's network, which means ports 500 and 4500 are already in use by the router itself.

So I set up UDP ports 9000 and 9500 to port forward to the Raspberry Pi on 500 and 4500 (9000 -> 500, 9500 -> 4500).

Unfortunately when I try and connect externally (phone on mobile data instead of Wi-Fi), it just gives up even trying to connect.

I feel like I am missing something really simple, or maybe what I am trying to do just won't be possible?

I checked with an online UDP scanner and it can see the ports are open and talking to the VPN server on the Raspberry Pi (both ports show as 'open / filtered').

kerem closed this issue 2026-03-02 08:00:45 +03:00

@hwdsl2 commented on GitHub (Nov 11, 2021):

@ray73864 Hello! I understand that you forwarded UDP ports 9000 and 9500 on your router to the VPN server on the Raspberry Pi, then tried to connect to the VPN externally. Unfortunately, this won't work because IPsec uses UDP ports 500 and 4500, and there isn't a way to specify custom port(s) for IPsec in most VPN clients. For your use case, perhaps you can instead try OpenVPN [1].

[1] https://github.com/Nyr/openvpn-install
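
An added example, not part of the original thread or the project's code: a small classifier for UDP payloads addressed to the two IPsec ports discussed above, for checking on the server side which IKE or ESP traffic actually arrives. It goes beyond the thread by using the IKEv2 header layout from RFC 7296 and the UDP encapsulation rules from RFC 3948; the function names and sample packets are constructed for illustration.

```python
import struct

IKE_HEADER = struct.Struct("!8s8sBBBBII")  # RFC 7296 section 3.1: 28 bytes
NON_ESP_MARKER = b"\x00" * 4               # precedes IKE on UDP 4500 (RFC 3948)
EXCHANGES = {34: "IKE_SA_INIT", 35: "IKE_AUTH",
             36: "CREATE_CHILD_SA", 37: "INFORMATIONAL"}


def classify(dst_port, payload):
    """Describe one UDP payload addressed to an IPsec port (500 or 4500)."""
    if dst_port == 4500:
        if payload == b"\xff":
            return "NAT-keepalive"
        if payload[:4] != NON_ESP_MARKER:
            if len(payload) < 8:
                return "malformed"
            spi, seq = struct.unpack("!II", payload[:8])
            return f"ESP-in-UDP spi=0x{spi:08x} seq={seq}"
        payload = payload[4:]  # strip the marker, an IKE header follows
    elif dst_port != 500:
        return "not an IPsec port"
    if len(payload) < IKE_HEADER.size:
        return "malformed"
    _, _, _, version, exchange, flags, msg_id, _ = IKE_HEADER.unpack_from(payload)
    if version >> 4 != 2:
        return f"IKE major version {version >> 4}"
    role = "response" if flags & 0x20 else "request"
    name = EXCHANGES.get(exchange, f"exchange {exchange}")
    return f"IKEv2 {name} {role} msg_id={msg_id}"


def sample_ike(exchange, msg_id):
    """Constructed sample: bare IKEv2 header, initiator flag set, no payloads."""
    return IKE_HEADER.pack(b"\x11" * 8, b"\x00" * 8, 33, 0x20, exchange, 0x08, msg_id, 28)


SAMPLES = [  # constructed (dst_port, payload) pairs, not real captures
    (500, sample_ike(34, 0)),
    (4500, NON_ESP_MARKER + sample_ike(35, 1)),
    (4500, struct.pack("!II", 0xC0FFEE01, 1) + b"\x00" * 16),
    (4500, b"\xff"),
    (9000, sample_ike(34, 0)),
]

if __name__ == "__main__":
    for port, data in SAMPLES:
        print(port, classify(port, data))
```

Feed it the destination port and UDP payload of packets captured on the VPN host to see whether any IKE_SA_INIT request reaches the server at all.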
