[GH-ISSUE #421] [Question] Is it possible to access a client from the server hosts network/subnet #393

New issue

Closed

opened 2026-03-02 08:18:37 +03:00 by kerem · 1 comment

kerem commented

2026-03-02 08:18:37 +03:00

Owner

Originally created by @jamesholz on GitHub (Mar 27, 2024).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/421

Hello!

I am running this vpn through docker, currently in bridge mode. The clients are able to access resources on the server's subnet, however I am not able to access any client from the servers subnet (unless of course i connect the relevant device to the vpn also).

I followed instructions in the non docker version such as IP tables and routing but this was confusing because of the docker. I also note there are no specific instructions around this here.

For example, client is assigned 192.168.42.10, and trying to access it from servers 192.168.1.37, but this does not work.

Any ideas? Thank you so much.

Originally created by @jamesholz on GitHub (Mar 27, 2024). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/421 Hello! I am running this vpn through docker, currently in bridge mode. The clients are able to access resources on the server's subnet, however I am not able to access any client from the servers subnet (unless of course i connect the relevant device to the vpn also). I followed instructions in the non docker version such as IP tables and routing but this was confusing because of the docker. I also note there are no specific instructions around this here. For example, client is assigned 192.168.42.10, and trying to access it from servers 192.168.1.37, but this does not work. Any ideas? Thank you so much.

kerem closed this issue

2026-03-02 08:18:37 +03:00

kerem commented

2026-03-02 08:18:38 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Mar 27, 2024):

@jamesholz Hello! For your use case, due to Docker's network isolation it is difficult to access a VPN client from the Docker host's network, so this use case is not currently supported. A few things you can try:

First open a bash shell inside the container.
Perform step 1 in the section Access VPN clients from server's subnet, be sure to replace 10.1.0.3 with 192.168.1.37.
Exit the container by running exit.
On your 192.168.1.37 server, perform step 2 in the section mentioned above, be sure to replace 10.1.0.2 with your Docker host's IP address, and eth0 with the network interface name of the 192.168.1.37 server.

The above may not work due to Docker's network isolation. In that case, you may want to look into alternative methods for your use case.

@hwdsl2 commented on GitHub (Mar 27, 2024): @jamesholz Hello! For your use case, due to Docker's network isolation it is difficult to access a VPN client from the Docker host's network, so this use case is not currently supported. A few things you can try: 1. First [open a bash shell inside the container](https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/docs/advanced-usage.md#bash-shell-inside-container). 2. Perform step 1 in the section [Access VPN clients from server's subnet](https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/advanced-usage.md#access-vpn-clients-from-servers-subnet), be sure to replace `10.1.0.3` with `192.168.1.37`. 3. Exit the container by running `exit`. 4. On your `192.168.1.37` server, perform step 2 in the section mentioned above, be sure to replace `10.1.0.2` with your Docker host's IP address, and `eth0` with the network interface name of the `192.168.1.37` server. The above may not work due to Docker's network isolation. In that case, you may want to look into alternative methods for your use case.

No labels

bug

pull-request

question

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/docker-ipsec-vpn-server#393

No description provided.

Rows
Columns