starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #419] 部署成功 连接成功,但是无法联网,之前没问题 #391

New issue
Closed
opened 2026-03-02 08:01:50 +03:00 by kerem · 2 comments
kerem commented 2026-03-02 08:01:50 +03:00
Owner
Copy link

Originally created by @joyanhui on GitHub (Mar 2, 2024).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/419

mkdir -p /myfile/ipsec/data
cat > /myfile/ipsec/vpn.env <<\EOF
VPN_IPSEC_PSK=abcdefgh123456
VPN_USER=lei
VPN_PASSWORD=abcdefgh123456
# VPN_PUBLIC_IP=10.1.1.7
VPN_ADDL_USERS=user1 user2
VPN_ADDL_PASSWORDS=pass1 pass2
VPN_DNS_SRV1=119.29.29.29
VPN_DNS_SRV2=223.5.5.5
EOF

docker stop ipsec && docker rm ipsec
docker run \
    --name ipsec --network=host \
    --env-file  /myfile/ipsec/vpn.env \
    --restart=always \
    -v /lib/modules:/lib/modules:ro \
    -d --privileged  \
    hwdsl2/ipsec-vpn-server


docker logs ipsec

Trying to auto discover IP of this server...

Setting DNS servers to 119.29.29.29 and 223.5.5.5...

Starting IPsec service...

================================================

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: XXXXXXX
IPsec PSK: abcdefgh123456
Username: lei
Password: abcdefgh123456

Additional VPN users (username | password):
user1 | pass1
user2 | pass2

Write these down. You'll need them to connect!

VPN client setup: https://vpnsetup.net/clients2

================================================

xl2tpd[1]: Not looking for kernel SAref support.
xl2tpd[1]: Using l2tp kernel support.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.18 started on debian PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701

客户端用ipsec cisco连接成功,但是只能ping通 172.17.0.1
其他ip 包括 172.17.0.3 223.5.5.5 还有 docker宿主机的ip都不通

同样配置文件 在之前的docker镜像是正常的,但是刚看来一下旧版的镜像从hub.docker.com 找不到。

Originally created by @joyanhui on GitHub (Mar 2, 2024). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/419 ```sh mkdir -p /myfile/ipsec/data cat > /myfile/ipsec/vpn.env <<\EOF VPN_IPSEC_PSK=abcdefgh123456 VPN_USER=lei VPN_PASSWORD=abcdefgh123456 # VPN_PUBLIC_IP=10.1.1.7 VPN_ADDL_USERS=user1 user2 VPN_ADDL_PASSWORDS=pass1 pass2 VPN_DNS_SRV1=119.29.29.29 VPN_DNS_SRV2=223.5.5.5 EOF ``` ```sh docker stop ipsec && docker rm ipsec docker run \ --name ipsec --network=host \ --env-file /myfile/ipsec/vpn.env \ --restart=always \ -v /lib/modules:/lib/modules:ro \ -d --privileged \ hwdsl2/ipsec-vpn-server ``` ``` docker logs ipsec Trying to auto discover IP of this server... Setting DNS servers to 119.29.29.29 and 223.5.5.5... Starting IPsec service... ================================================ IPsec VPN server is now ready for use! Connect to your new VPN with these details: Server IP: XXXXXXX IPsec PSK: abcdefgh123456 Username: lei Password: abcdefgh123456 Additional VPN users (username | password): user1 | pass1 user2 | pass2 Write these down. You'll need them to connect! VPN client setup: https://vpnsetup.net/clients2 ================================================ xl2tpd[1]: Not looking for kernel SAref support. xl2tpd[1]: Using l2tp kernel support. xl2tpd[1]: xl2tpd version xl2tpd-1.3.18 started on debian PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 ``` 客户端用ipsec cisco连接成功,但是只能ping通 172.17.0.1 其他ip 包括 172.17.0.3 223.5.5.5 还有 docker宿主机的ip都不通 同样配置文件 在之前的docker镜像是正常的,但是刚看来一下旧版的镜像从hub.docker.com 找不到。
kerem closed this issue 2026-03-02 08:01:50 +03:00
kerem commented 2026-03-02 08:18:37 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Mar 2, 2024):

@joyanhui 你好!本项目最近升级到了 Alpine Linux 3.19。你可以从源代码构建之前的 Alpine 3.18 版本的镜像:

# Clone the repository
git clone https://github.com/hwdsl2/docker-ipsec-vpn-server
cd docker-ipsec-vpn-server
# Go back to the state on Dec. 20, 2023
git checkout 2db2b40df017ab42605e354cfeaca71811b7822c
# To build Alpine-based image (note the dot "." at the end)
docker build -t hwdsl2/ipsec-vpn-server .
# Or, to build Debian-based image
docker build -f Dockerfile.debian -t hwdsl2/ipsec-vpn-server:debian .

完成后,删除并重新创建 Docker 容器。重新连接 VPN。

另外,你也可以尝试不使用 host network 模式 创建 Docker 容器。在某些情况下,使用该模式可能导致 IPTables 规则的问题。

如果你有新的信息可以继续在这里回复。

<!-- gh-comment-id:1974818642 --> @hwdsl2 commented on GitHub (Mar 2, 2024): @joyanhui 你好!本项目最近升级到了 Alpine Linux 3.19。你可以[从源代码构建](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage-zh.md#%E4%BB%8E%E6%BA%90%E4%BB%A3%E7%A0%81%E6%9E%84%E5%BB%BA)之前的 Alpine 3.18 版本的镜像: ``` # Clone the repository git clone https://github.com/hwdsl2/docker-ipsec-vpn-server cd docker-ipsec-vpn-server # Go back to the state on Dec. 20, 2023 git checkout 2db2b40df017ab42605e354cfeaca71811b7822c # To build Alpine-based image (note the dot "." at the end) docker build -t hwdsl2/ipsec-vpn-server . # Or, to build Debian-based image docker build -f Dockerfile.debian -t hwdsl2/ipsec-vpn-server:debian . ``` 完成后,删除并重新创建 Docker 容器。重新连接 VPN。 另外,你也可以尝试不使用 [host network 模式](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage-zh.md#%E5%85%B3%E4%BA%8E-host-network-%E6%A8%A1%E5%BC%8F) 创建 Docker 容器。在某些情况下,使用该模式可能导致 IPTables 规则的问题。 如果你有新的信息可以继续在这里回复。
kerem commented 2026-03-02 08:18:37 +03:00
Author
Owner
Copy link

@joyanhui commented on GitHub (Mar 4, 2024):

感谢您的帮助,我找到到了旧版的镜像,重新部署了。

<!-- gh-comment-id:1977365864 --> @joyanhui commented on GitHub (Mar 4, 2024): 感谢您的帮助,我找到到了旧版的镜像,重新部署了。
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#391
No description provided.