starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 10:05:48 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #356] 可以ping通192.168.42.1,但是无法联网,也无法连接内网的设备 #330

New issue
Closed
opened 2026-03-02 08:01:25 +03:00 by kerem · 4 comments
kerem commented 2026-03-02 08:01:25 +03:00
Owner
Copy link

Originally created by @ufocjm on GitHub (Mar 15, 2023).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/356

服务器为CentOS 8,在docker环境下部署
客户端为Mac/Iphone,按教程正常可以连上(拨号成功),但是除192.168.42.1都无法ping通也无法打开
使用L2TP/IPSec方式

docker run \
    --name ipsec-vpn-server \
    --restart=always \
    -v ikev2-vpn-data:/etc/ipsec.d \
    -v /lib/modules:/lib/modules:ro \
    -p 500:500/udp \
    -p 4500:4500/udp \
    -d --privileged \
    hwdsl2/ipsec-vpn-server

路由器的500和4500端口均已转发,都能播上去正常来说端口是通的,能问一下是什么情况吗?

Originally created by @ufocjm on GitHub (Mar 15, 2023). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/356 服务器为CentOS 8,在docker环境下部署 客户端为Mac/Iphone,按教程正常可以连上(拨号成功),但是除192.168.42.1都无法ping通也无法打开 使用L2TP/IPSec方式 ```bash docker run \ --name ipsec-vpn-server \ --restart=always \ -v ikev2-vpn-data:/etc/ipsec.d \ -v /lib/modules:/lib/modules:ro \ -p 500:500/udp \ -p 4500:4500/udp \ -d --privileged \ hwdsl2/ipsec-vpn-server ``` 路由器的500和4500端口均已转发,都能播上去正常来说端口是通的,能问一下是什么情况吗?
kerem closed this issue 2026-03-02 08:01:25 +03:00
kerem commented 2026-03-02 08:01:26 +03:00
Author
Owner
Copy link

@ufocjm commented on GitHub (Mar 16, 2023):

image 这个是日志输出
<!-- gh-comment-id:1471825652 --> @ufocjm commented on GitHub (Mar 16, 2023): <img width="1209" alt="image" src="https://user-images.githubusercontent.com/25009970/225610365-6c382834-89a3-4d8c-a235-e4d0e1405faf.png"> 这个是日志输出
kerem commented 2026-03-02 08:01:26 +03:00
Author
Owner
Copy link

@ufocjm commented on GitHub (Mar 16, 2023):

这个问题已经解决了,能连上去,也能连到内网,但是又有了一个新的问题!
我是用k8s部署的,部署了之后,我的访问出了22端口,也就是ssh端口以外,都连不上这台机子了,要重启电脑才可以!

<!-- gh-comment-id:1471894750 --> @ufocjm commented on GitHub (Mar 16, 2023): 这个问题已经解决了,能连上去,也能连到内网,但是又有了一个新的问题! 我是用k8s部署的,部署了之后,我的访问出了22端口,也就是ssh端口以外,都连不上这台机子了,要重启电脑才可以!
kerem commented 2026-03-02 08:01:26 +03:00
Author
Owner
Copy link

@ufocjm commented on GitHub (Mar 16, 2023):

这是配置文件

apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: vpn
  name: vpn
  labels:
    app: vpn
spec:
  replicas: 1
  selector:
    matchLabels:
      app: vpn
  template:
    metadata:
      labels:
        app: vpn
    spec:
      nodeSelector:
        kubernetes.io/hostname: k8s-master
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      containers:
      - name: "vpn"
        securityContext:
          privileged: true
        image: hwdsl2/ipsec-vpn-server
        imagePullPolicy: IfNotPresent
        ports:
          - name: udp-500
            containerPort: 500
            protocol: UDP
          - name: udp-4500
            containerPort: 4500
            protocol: UDP
        volumeMounts:
          - name: localtime
            mountPath: /etc/localtime
          - name: lib-volume
            readOnly: true
            mountPath: /lib/modules
      volumes:
      - name: localtime
        hostPath:
          path: /etc/localtime
      - name: lib-volume
        hostPath:
          path: /lib/modules
<!-- gh-comment-id:1472022491 --> @ufocjm commented on GitHub (Mar 16, 2023): 这是配置文件 ```yaml apiVersion: apps/v1 kind: Deployment metadata: namespace: vpn name: vpn labels: app: vpn spec: replicas: 1 selector: matchLabels: app: vpn template: metadata: labels: app: vpn spec: nodeSelector: kubernetes.io/hostname: k8s-master hostNetwork: true dnsPolicy: ClusterFirstWithHostNet containers: - name: "vpn" securityContext: privileged: true image: hwdsl2/ipsec-vpn-server imagePullPolicy: IfNotPresent ports: - name: udp-500 containerPort: 500 protocol: UDP - name: udp-4500 containerPort: 4500 protocol: UDP volumeMounts: - name: localtime mountPath: /etc/localtime - name: lib-volume readOnly: true mountPath: /lib/modules volumes: - name: localtime hostPath: path: /etc/localtime - name: lib-volume hostPath: path: /lib/modules ```
kerem commented 2026-03-02 08:01:26 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Mar 18, 2023):

@ufocjm 你好!根据你的描述,原先的问题已解决。但没有理解你所说的 "除了22端口,也就是ssh端口以外,都连不上这台机子了,要重启电脑才可以"。你可以开一个新的 Issue 并详细说一下。该问题可能与你的 Docker 主机 IPTables 防火墙配置有关。

<!-- gh-comment-id:1474742790 --> @hwdsl2 commented on GitHub (Mar 18, 2023): @ufocjm 你好!根据你的描述,原先的问题已解决。但没有理解你所说的 "除了22端口,也就是ssh端口以外,都连不上这台机子了,要重启电脑才可以"。你可以开一个新的 Issue 并详细说一下。该问题可能与你的 Docker 主机 IPTables 防火墙配置有关。
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#330
No description provided.