starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #347] fix for Android MTU/MSS issues 错误信息 #321

New issue
Closed
opened 2026-03-02 08:01:21 +03:00 by kerem · 1 comment
kerem commented 2026-03-02 08:01:21 +03:00
Owner
Copy link

Originally created by @bubersome on GitHub (Feb 11, 2023).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/347

Checklist

Describe the issue
所有默认选项没有改变,只是在你的 env 文件中添加 VPN_ANDROID_MTU_FIX=yes
出现如下报错log

To Reproduce
Steps to reproduce the behavior:

  1. ...
  2. ...

Expected behavior
A clear and concise description of what you expected to happen.

Logs
Enable logs, check VPN status, and add error logs to help explain the problem, if applicable.

~ docker run \
--name ipsec-vpn-server
--env-file /root/docker-ipsec-vpn-server/vpn.env
--restart=always
-v ikev2-vpn-data:/etc/ipsec.d
-v /lib/modules:/lib/modules:ro
-p 500:500/udp
-p 4500:4500/udp
-d --privileged
hwdsl2/ipsec-vpn-server
776f1da4e253016da2ad6f019e70f771af5a60d3df78dc00f066aa655023f25d
➜ ~ docker logs ipsec-vpn-server

Retrieving previously generated VPN credentials...

Trying to auto discover IP of this server...
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.8.8 (legacy): can't initialize iptables table nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Applying fix for Android MTU/MSS issues...
iptables v1.8.8 (legacy): can't initialize iptables table mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Starting IPsec service...

Server (please complete the following information)

  • Docker host OS: [e.g. Ubuntu 20.04]
  • Hosting provider (if applicable): [e.g. GCP, AWS]

Client (please complete the following information)

  • Device: [e.g. iPhone 12]
  • OS: [e.g. iOS 15]
  • VPN mode: [IPsec/L2TP, IPsec/XAuth ("Cisco IPsec") or IKEv2]

Additional context
Add any other context about the problem here.

Originally created by @bubersome on GitHub (Feb 11, 2023). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/347 **Checklist** - [ ] I read the [README](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README.md) - [ ] I read the [Important notes](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README.md#important-notes) - [ ] I followed instructions to [configure VPN clients](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README.md#next-steps) - [ ] I checked [IKEv1 troubleshooting](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#ikev1-troubleshooting), [IKEv2 troubleshooting](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/ikev2-howto.md#ikev2-troubleshooting), [enabled logs](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#enable-libreswan-logs) and checked [VPN status](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#check-logs-and-vpn-status) - [ ] I searched existing [Issues](https://github.com/hwdsl2/docker-ipsec-vpn-server/issues?q=is%3Aissue) - [ ] This bug is about the IPsec VPN server Docker image, and not IPsec VPN itself <!--- If you found a reproducible bug for the IPsec VPN, open a bug report at https://github.com/libreswan/libreswan. Ask VPN-related questions on the [Libreswan](https://lists.libreswan.org/mailman/listinfo/swan) or [strongSwan](https://lists.strongswan.org/mailman/listinfo/users) users mailing list, or search e.g. [Stack Overflow](https://stackoverflow.com/questions/tagged/vpn). ---> **Describe the issue** 所有默认选项没有改变,只是在[你的 env 文件]()中添加 VPN_ANDROID_MTU_FIX=yes 出现如下报错log **To Reproduce** Steps to reproduce the behavior: 1. ... 2. ... **Expected behavior** A clear and concise description of what you expected to happen. **Logs** [Enable logs](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#enable-libreswan-logs), check [VPN status](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#check-logs-and-vpn-status), and add error logs to help explain the problem, if applicable. ~ docker run \ --name ipsec-vpn-server \ --env-file /root/docker-ipsec-vpn-server/vpn.env\ --restart=always \ -v ikev2-vpn-data:/etc/ipsec.d \ -v /lib/modules:/lib/modules:ro \ -p 500:500/udp \ -p 4500:4500/udp \ -d --privileged \ hwdsl2/ipsec-vpn-server 776f1da4e253016da2ad6f019e70f771af5a60d3df78dc00f066aa655023f25d ➜ ~ docker logs ipsec-vpn-server Retrieving previously generated VPN credentials... Trying to auto discover IP of this server... iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Applying fix for Android MTU/MSS issues... iptables v1.8.8 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. iptables v1.8.8 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Starting IPsec service... **Server (please complete the following information)** - Docker host OS: [e.g. Ubuntu 20.04] - Hosting provider (if applicable): [e.g. GCP, AWS] **Client (please complete the following information)** - Device: [e.g. iPhone 12] - OS: [e.g. iOS 15] - VPN mode: [IPsec/L2TP, IPsec/XAuth ("Cisco IPsec") or IKEv2] **Additional context** Add any other context about the problem here.
kerem closed this issue 2026-03-02 08:01:21 +03:00
kerem commented 2026-03-02 08:01:22 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Feb 12, 2023):

@bubersome 你好!该错误应该与 VPN_ANDROID_MTU_FIX=yes 无关。它一般是因为 IPTables 内核模块无法加载导致的。请在你的 Docker 主机上运行 sudo modprobe ip_tables,然后重新创建 Docker 容器。参见这个链接:
https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage-zh.md#%E4%B8%8D%E5%90%AF%E7%94%A8-privileged-%E6%A8%A1%E5%BC%8F%E8%BF%90%E8%A1%8C

<!-- gh-comment-id:1426917521 --> @hwdsl2 commented on GitHub (Feb 12, 2023): @bubersome 你好!该错误应该与 `VPN_ANDROID_MTU_FIX=yes` 无关。它一般是因为 IPTables 内核模块无法加载导致的。请在你的 Docker 主机上运行 `sudo modprobe ip_tables`,然后重新创建 Docker 容器。参见这个链接: https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage-zh.md#%E4%B8%8D%E5%90%AF%E7%94%A8-privileged-%E6%A8%A1%E5%BC%8F%E8%BF%90%E8%A1%8C
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#321
No description provided.