[GH-ISSUE #474] Setting a static IP for a username does not take effect #446

Closed
opened 2026-03-02 08:19:00 +03:00 by kerem · 1 comment
Owner

Originally created by @cadmael on GitHub (Apr 11, 2025).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/474

docker compose configuration

```
volumes:
  ikev2-vpn-data:

services:
  vpn:
    image: hwdsl2/ipsec-vpn-server
    restart: always
    network_mode: host
    env_file:
      - /home/ipsec_vpn/vpn.env
    ports:
      - "500:500/udp"
      - "4500:4500/udp"
    privileged: true
    hostname: ipsec-vpn-server
    container_name: ipsec-vpn-server
    volumes:
      - ikev2-vpn-data:/etc/ipsec.d
      - /lib/modules:/lib/modules:ro
      - /home/ipsec_vpn/chap-secrets:/etc/ppp/chap-secrets
    cap_add:
      - NET_ADMIN
```

vpn.env configuration

```
# Note: All the variables to this image are optional.
# See README for more information.
# To use, uncomment and replace with your own values.

# Define IPsec PSK, VPN username and password
# - DO NOT put "" or '' around values, or add space around =
# - DO NOT use these special characters within values: \ " '
VPN_IPSEC_PSK=admin_psk
VPN_USER=admin
VPN_PASSWORD=admin

# Define additional VPN users
# - DO NOT put "" or '' around values, or add space around =
# - DO NOT use these special characters within values: \ " '
# - Usernames and passwords must be separated by spaces
# VPN_ADDL_USERS=additional_username_1 additional_username_2
# VPN_ADDL_PASSWORDS=additional_password_1 additional_password_2

# Use a DNS name for the VPN server
# - The DNS name must be a fully qualified domain name (FQDN)
VPN_DNS_NAME=vpn.xxx.com

# Specify a name for the first IKEv2 client
# - Use one word only, no special characters except '-' and '_'
# - The default is 'vpnclient' if not specified
# VPN_CLIENT_NAME=your_client_name

# Use alternative DNS servers
# - By default, clients are set to use Google Public DNS
# - Example below shows Cloudflare's DNS service
VPN_DNS_SRV1=223.5.5.5
VPN_DNS_SRV2=119.29.29.29

# Protect IKEv2 client config files using a password
# - By default, no password is required when importing IKEv2 client configuration
# - Uncomment if you want to protect these files using a random password
# VPN_PROTECT_CONFIG=yes

VPN_L2TP_NET=10.100.0.0/24
VPN_L2TP_LOCAL=10.100.0.1
VPN_L2TP_POOL=10.100.0.60-10.100.0.99

VPN_ADDL_USERS=cml
VPN_ADDL_PASSWORDS=cml
VPN_ADDL_IP_ADDRS=10.100.0.20
```

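The above is my configuration. After I connect from the client, the IP is still assigned automatically. When I open the chap-secrets file, it shows:

```
"admin" l2tpd "admin" *
"cml" l2tpd "cml" *
```

I read these documents and did not find a solution.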

kerem closed this issue 2026-03-02 08:19:00 +03:00
Author
Owner

@hwdsl2 commented on GitHub (Apr 11, 2025):

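@cadmael Hello! First, try re-creating the Docker container; the changes to the env file may not have taken effect. If that doesn't work, static IPs may currently not be supported together with custom subnets, and you can modify run.sh yourself to implement this feature.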
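
A way to verify the symptom discussed in this thread, as an added example that is not part of the original issue, the reply, or the project's code: the script compares the static addresses requested in vpn.env with the fourth field of chap-secrets (pppd's per-user IP column, where `*` means any address). The function names and verdict labels are made up here, and the sample files are constructed from the values quoted in the issue.

```shell
#!/bin/sh
# Added diagnostic, not part of docker-ipsec-vpn-server.

# Last uncommented KEY=value in an env file.
env_get() { sed -n "s/^$2=//p" "$1" | tail -n 1; }

# Dotted quad -> integer for numeric range comparison.
ip2int() { echo "$1" | awk -F. '{ printf "%.0f\n", $1*16777216 + $2*65536 + $3*256 + $4 }'; }

# One line per additional user: "<user> <requested> <found> <verdict>"
check_static_ips() {
  env_file=$1; chap_file=$2
  users=$(env_get "$env_file" VPN_ADDL_USERS)
  pool=$(env_get "$env_file" VPN_L2TP_POOL)
  lo=$(ip2int "${pool%-*}"); hi=$(ip2int "${pool#*-}")
  set -f                                   # keep a literal "*" from globbing
  set -- $(env_get "$env_file" VPN_ADDL_IP_ADDRS)
  for user in $users; do
    want=${1:-*}
    if [ $# -gt 0 ]; then shift; fi
    # chap-secrets fields: client, server, secret, IP address ("*" = any)
    have=$(awk -v u="$user" '{ n = $1; gsub(/"/, "", n) }
      n == u && $2 == "l2tpd" { print $4 }' "$chap_file")
    have=${have:-absent}
    w=$(ip2int "$want")
    if [ "$want" = "*" ]; then verdict=dynamic
    # Sanity check added here: a static address inside the dynamic pool can collide.
    elif [ "$w" -ge "$lo" ] && [ "$w" -le "$hi" ]; then verdict=IN_POOL
    elif [ "$have" = "$want" ]; then verdict=ok
    else verdict=MISMATCH                  # requested IP never reached chap-secrets
    fi
    echo "$user $want $have $verdict"
  done
  set +f
}

# Constructed sample files holding the values quoted in the issue.
demo_dir=$(mktemp -d)
cat > "$demo_dir/vpn.env" <<'EOF'
VPN_L2TP_NET=10.100.0.0/24
VPN_L2TP_POOL=10.100.0.60-10.100.0.99
VPN_ADDL_USERS=cml
VPN_ADDL_IP_ADDRS=10.100.0.20
EOF
cat > "$demo_dir/chap-secrets" <<'EOF'
"admin" l2tpd "admin" *
"cml" l2tpd "cml" *
EOF
check_static_ips "$demo_dir/vpn.env" "$demo_dir/chap-secrets"
```

A `MISMATCH` line after the container has been re-created means the requested address was not written into chap-secrets, which is the situation the issue describes.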
