starred/docker-ipsec-vpn-server

Fork 0

mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 10:05:48 +03:00

[GH-ISSUE #348] IKEv2 设置失败 #323

New issue

Closed

opened 2026-03-02 08:01:21 +03:00 by kerem · 4 comments

kerem commented

2026-03-02 08:01:21 +03:00

Owner

Originally created by @AlexZhang88 on GitHub (Feb 15, 2023).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/348

Originally created by @AlexZhang88 on GitHub (Feb 15, 2023). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/348 IPsec能正常工作以及客户端能正常访问，但是日志里面显示IKEv2 设置失败。在/etc/ipsec.d目录下没有生成IKEv2配置文件。使用的是最新的映像文件。使用的是Synology的Docker功能。而且端口映射都是对的... 日志： 2023-02-15T10:16:36.828128354Z | stdout | Connect to your new VPN with these details: 2023-02-15T10:16:36.828100756Z | stdout | 2023-02-15T10:16:36.828061585Z | stdout | IPsec VPN server is now ready for use! 2023-02-15T10:16:36.828037867Z | stdout | 2023-02-15T10:16:36.828010707Z | stdout | ================================================ 2023-02-15T10:16:36.827894152Z | stdout | 2023-02-15T10:16:36.251872329Z | stdout | Starting IPsec service... 2023-02-15T10:16:36.251752580Z | stdout | 2023-02-15T10:16:35.792997283Z | stdout | Trying to auto discover IP of this server... 2023-02-15T10:16:35.792831809Z | stdout | 2023-02-15T10:16:35.774298615Z | stdout | Retrieving previously generated VPN credentials... 2023-02-15T10:16:35.773776396Z | stdout | 2023-02-15T10:16:22.110062699Z | stderr | xl2tpd[1]: Connection 9 closed to 172.17.0.1, port 63746 (Server closing) 2023-02-15T10:16:22.109718045Z | stderr | xl2tpd[1]: death_handler: Fatal signal 15 received 2023-02-15T10:10:01.458030493Z | stderr | xl2tpd[1]: Call established with 172.17.0.1, PID: 496, Local: 57158, Remote: 30408, Serial: 1 2023-02-15T10:10:01.346771756Z | stderr | xl2tpd[1]: Connection established to 172.17.0.1, 63746. Local: 55896, Remote: 9 (ref=0/0). LNS session is 'default' 2023-02-15T10:10:01.019690317Z | stderr | xl2tpd[1]: control_finish: Peer requested tunnel 9 twice, ignoring second one. 2023-02-15T10:09:50.151051879Z | stderr | xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 2023-02-15T10:09:50.151021884Z | stderr | xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016 2023-02-15T10:09:50.150989809Z | stderr | xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 2023-02-15T10:09:50.150922187Z | stderr | xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 2023-02-15T10:09:50.150891906Z | stderr | xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. 2023-02-15T10:09:50.150855177Z | stderr | xl2tpd[1]: xl2tpd version xl2tpd-1.3.18 started on eaca6c115c9d PID:1 2023-02-15T10:09:50.150826159Z | stderr | xl2tpd[1]: Using l2tp kernel support. 2023-02-15T10:09:49.482039128Z | stderr | xl2tpd[1]: Not looking for kernel SAref support. 2023-02-15T10:09:50.150735559Z | stdout | 2023-02-15T10:09:50.150710821Z | stdout | IKEv2 setup failed. 2023-02-15T10:09:50.150680230Z | stdout | Setting up IKEv2. This may take a few moments... 2023-02-15T10:09:50.150658898Z | stdout ![2023-02-15 112236](https://user-images.githubusercontent.com/73695362/219001016-89bfcac7-bde4-4265-b1b0-535cef2b63d8.png) ![20230215112826](https://user-images.githubusercontent.com/73695362/219002386-71c8a888-8e68-456b-970f-ca8d874ba929.png)

kerem closed this issue

2026-03-02 08:01:21 +03:00

kerem commented

2026-03-02 08:01:22 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Feb 18, 2023):

@AlexZhang88 你好！这个可能是 Synology 系统的内核对 IPsec 的支持有一些问题，也就是说该系统特有的问题。要找到 IKEv2 配置失败的具体原因，你可以查看容器内的 ikev2setup.log 文件：

docker exec ipsec-vpn-server cat /etc/ipsec.d/ikev2setup.log

如果你有新的信息可以继续在这里回复。

@hwdsl2 commented on GitHub (Feb 18, 2023): @AlexZhang88 你好！这个可能是 Synology 系统的内核对 IPsec 的支持有一些问题，也就是说该系统特有的问题。要找到 IKEv2 配置失败的具体原因，你可以查看容器内的 ikev2setup.log 文件： ``` docker exec ipsec-vpn-server cat /etc/ipsec.d/ikev2setup.log ``` 如果你有新的信息可以继续在这里回复。

kerem commented

2026-03-02 08:01:22 +03:00

Author

Owner

@AlexZhang88 commented on GitHub (Feb 18, 2023):

@AlexZhang88 你好！这个可能是 Synology 系统的内核对 IPsec 的支持有一些问题，也就是说该系统特有的问题。要找到 IKEv2 配置失败的具体原因，你可以查看容器内的 ikev2setup.log 文件：
docker exec ipsec-vpn-server cat /etc/ipsec.d/ikev2setup.log
如果你有新的信息可以继续在这里回复。

你好, ikev2setup的Log日志输出为：
Error: Certificate 'IKEv2 VPN CA' already exists.
Abort. No changes were made.

@AlexZhang88 commented on GitHub (Feb 18, 2023): > @AlexZhang88 你好！这个可能是 Synology 系统的内核对 IPsec 的支持有一些问题，也就是说该系统特有的问题。要找到 IKEv2 配置失败的具体原因，你可以查看容器内的 ikev2setup.log 文件： > > ``` > docker exec ipsec-vpn-server cat /etc/ipsec.d/ikev2setup.log > ``` > > 如果你有新的信息可以继续在这里回复。你好, ikev2setup的Log日志输出为： Error: Certificate 'IKEv2 VPN CA' already exists. Abort. No changes were made.

kerem commented

2026-03-02 08:01:22 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Feb 19, 2023):

@AlexZhang88 该错误可能是因为你之前使用过该 Docker 镜像，但 IKEv2 未能成功安装。要解决此错误，你可以尝试删除 IKEv2 数据卷，然后重新创建 Docker 容器。请注意，这将永久删除所有的 IKEv2 配置。要删除 IKEv2 数据卷：

docker volume rm ikev2-vpn-data

@hwdsl2 commented on GitHub (Feb 19, 2023): @AlexZhang88 该错误可能是因为你之前使用过该 Docker 镜像，但 IKEv2 未能成功安装。要解决此错误，你可以尝试删除 IKEv2 数据卷，然后重新创建 Docker 容器。请注意，这将永久删除所有的 IKEv2 配置。要删除 IKEv2 数据卷： ``` docker volume rm ikev2-vpn-data ```

kerem commented

2026-03-02 08:01:22 +03:00

Author

Owner

@AlexZhang88 commented on GitHub (Feb 19, 2023):

@AlexZhang88 该错误可能是因为你之前使用过该 Docker 镜像，但 IKEv2 未能成功安装。要解决此错误，你可以尝试删除 IKEv2 数据卷，然后重新创建 Docker 容器。请注意，这将永久删除所有的 IKEv2 配置。要删除 IKEv2 数据卷：
docker volume rm ikev2-vpn-data

谢谢，已解决！

@AlexZhang88 commented on GitHub (Feb 19, 2023): > @AlexZhang88 该错误可能是因为你之前使用过该 Docker 镜像，但 IKEv2 未能成功安装。要解决此错误，你可以尝试删除 IKEv2 数据卷，然后重新创建 Docker 容器。请注意，这将永久删除所有的 IKEv2 配置。要删除 IKEv2 数据卷： > > ``` > docker volume rm ikev2-vpn-data > ``` 谢谢，已解决！

No labels

bug

pull-request

question

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/docker-ipsec-vpn-server#323

No description provided.

Rows
Columns