starred/docker-ipsec-vpn-server
1
0
Fork 0
mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00
Code Issues Projects Releases Packages Wiki Activity

[GH-ISSUE #10] error 800 on client #7

New issue
Closed
opened 2026-03-02 07:11:00 +03:00 by kerem · 5 comments
kerem commented 2026-03-02 07:11:00 +03:00
Owner
Copy link

Originally created by @mbsanchez on GitHub (Sep 18, 2016).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/10

I have followed your guide to install this image in my vps, but i'm getting error 800 in my client machine, I don't know what to do to fix this error.

port 500 and 4500 was opened in my vps, but i'm still getting the same error.

host machine:

uname -a && lsb_release -a
Linux vultr.guest 3.13.0-95-generic #142-Ubuntu SMP Fri Aug 12 17:00:09 UTC 2016 x86_64 x86_64    x86_64 GNU/Linux
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.5 LTS
Release:        14.04
Codename: trusty

Docker log:

xl2tpd[1]: setsockopt recvref[30]: Protocol not available
xl2tpd[1]: This binary does not support kernel L2TP.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 47a42351aaa5 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
xl2tpd[1]: death_handler: Fatal signal 15 received

docker exec -it ipsec-vpn-server ipsec status:

000 Total IPsec connections: loaded 3, active 0
000
000 State Information: DDoS cookies not required, Accepting new IKE connections
000 IKE SAs: total(31), half-open(0), open(31), authenticated(0), anonymous(0)
000 IPsec SAs: total(0), authenticated(0), anonymous(0)
000
000 #6: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26760s; nodpd; idle; import:not set
000 #14: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26901s; nodpd; idle; import:not set
000 #17: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27022s; nodpd; idle; import:not set
000 #26: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27171s; nodpd; idle; import:not set
000 #30: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28648s; nodpd; idle; import:not set
000 #21: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27052s; nodpd; idle; import:not set
000 #22: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27156s; nodpd; idle; import:not set
000 #12: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26889s; nodpd; idle; import:not set
000 #9: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26788s; nodpd; idle; import:not set
000 #8: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26772s; nodpd; idle; import:not set
000 #7: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26764s; nodpd; idle; import:not set
000 #31: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28651s; nodpd; idle; import:not set
000 #29: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28647s; nodpd; idle; import:not set
000 #28: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28646s; nodpd; idle; import:not set
000 #13: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26893s; nodpd; idle; import:not set
000 #18: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27024s; nodpd; idle; import:not set
000 #16: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27020s; nodpd; idle; import:not set
000 #15: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26917s; nodpd; idle; import:not set
000 #4: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26758s; nodpd; idle; import:not set
000 #10: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26885s; nodpd; idle; import:not set
000 #2: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26494s; nodpd; idle; import:not set
000 #24: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27159s; nodpd; idle; import:not set
000 #19: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27028s; nodpd; idle; import:not set
000 #25: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27163s; nodpd; idle; import:not set
000 #5: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26758s; nodpd; idle; import:not set
000 #20: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27036s; nodpd; idle; import:not set
000 #3: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26495s; nodpd; idle; import:not set
000 #27: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27187s; nodpd; idle; import:not set
000 #23: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27157s; nodpd; idle; import:not set
000 #11: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26887s; nodpd; idle; import:not set
000 #1: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26493s; nodpd; idle; import:not set
Originally created by @mbsanchez on GitHub (Sep 18, 2016). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/10 I have followed your guide to install this image in my vps, but i'm getting error 800 in my client machine, I don't know what to do to fix this error. port 500 and 4500 was opened in my vps, but i'm still getting the same error. host machine: ``` uname -a && lsb_release -a Linux vultr.guest 3.13.0-95-generic #142-Ubuntu SMP Fri Aug 12 17:00:09 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.5 LTS Release: 14.04 Codename: trusty ``` Docker log: ``` xl2tpd[1]: setsockopt recvref[30]: Protocol not available xl2tpd[1]: This binary does not support kernel L2TP. xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 47a42351aaa5 PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 xl2tpd[1]: death_handler: Fatal signal 15 received ``` docker exec -it ipsec-vpn-server ipsec status: ``` 000 Total IPsec connections: loaded 3, active 0 000 000 State Information: DDoS cookies not required, Accepting new IKE connections 000 IKE SAs: total(31), half-open(0), open(31), authenticated(0), anonymous(0) 000 IPsec SAs: total(0), authenticated(0), anonymous(0) 000 000 #6: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26760s; nodpd; idle; import:not set 000 #14: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26901s; nodpd; idle; import:not set 000 #17: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27022s; nodpd; idle; import:not set 000 #26: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27171s; nodpd; idle; import:not set 000 #30: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28648s; nodpd; idle; import:not set 000 #21: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27052s; nodpd; idle; import:not set 000 #22: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27156s; nodpd; idle; import:not set 000 #12: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26889s; nodpd; idle; import:not set 000 #9: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26788s; nodpd; idle; import:not set 000 #8: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26772s; nodpd; idle; import:not set 000 #7: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26764s; nodpd; idle; import:not set 000 #31: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28651s; nodpd; idle; import:not set 000 #29: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28647s; nodpd; idle; import:not set 000 #28: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 28646s; nodpd; idle; import:not set 000 #13: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26893s; nodpd; idle; import:not set 000 #18: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27024s; nodpd; idle; import:not set 000 #16: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27020s; nodpd; idle; import:not set 000 #15: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26917s; nodpd; idle; import:not set 000 #4: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26758s; nodpd; idle; import:not set 000 #10: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26885s; nodpd; idle; import:not set 000 #2: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26494s; nodpd; idle; import:not set 000 #24: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27159s; nodpd; idle; import:not set 000 #19: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27028s; nodpd; idle; import:not set 000 #25: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27163s; nodpd; idle; import:not set 000 #5: "l2tp-psk"[1] X.X.X.X:1008 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26758s; nodpd; idle; import:not set 000 #20: "l2tp-psk"[1] X.X.X.X:1006 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27036s; nodpd; idle; import:not set 000 #3: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26495s; nodpd; idle; import:not set 000 #27: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27187s; nodpd; idle; import:not set 000 #23: "l2tp-psk"[1] X.X.X.X:1005 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 27157s; nodpd; idle; import:not set 000 #11: "l2tp-psk"[1] X.X.X.X:1007 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26887s; nodpd; idle; import:not set 000 #1: "l2tp-psk"[1] X.X.X.X:500 STATE_MAIN_R1 (sent MR1, expecting MI2); EVENT_SA_EXPIRE in 26493s; nodpd; idle; import:not set ```
kerem closed this issue 2026-03-02 07:11:00 +03:00
kerem commented 2026-03-02 07:11:01 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Sep 18, 2016):

@mbsanchez Hello! Please try the following steps one by one. Re-connect the VPN after each step to see if the problem is solved:

  1. Restart the Docker container: docker restart ipsec-vpn-server. Then check docker ps -a and docker logs ipsec-vpn-server to make sure it is running.
  2. Remove your existing VPN connection on the Windows computer, and re-create it by carefully following the client configuration instructions in [1].
  3. Toggle the "IPsec Passthrough" option on your home router, if any.
  4. Check [2] for additional troubleshooting tips.

[1] https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md
[2] https://blogs.technet.microsoft.com/rrasblog/2009/08/12/troubleshooting-common-vpn-related-errors/

<!-- gh-comment-id:247865888 --> @hwdsl2 commented on GitHub (Sep 18, 2016): @mbsanchez Hello! Please try the following steps one by one. Re-connect the VPN after each step to see if the problem is solved: 1. Restart the Docker container: `docker restart ipsec-vpn-server`. Then check `docker ps -a` and `docker logs ipsec-vpn-server` to make sure it is running. 2. Remove your existing VPN connection on the Windows computer, and re-create it by carefully following the client configuration instructions in [1]. 3. Toggle the "IPsec Passthrough" option on your home router, if any. 4. Check [2] for additional troubleshooting tips. [1] https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md [2] https://blogs.technet.microsoft.com/rrasblog/2009/08/12/troubleshooting-common-vpn-related-errors/
kerem commented 2026-03-02 07:11:01 +03:00
Author
Owner
Copy link

@mbsanchez commented on GitHub (Sep 18, 2016):

docker ps -a

47a42351aaa5        hwdsl2/ipsec-vpn-server   "/run.sh"           4 hours ago         Up 27 seconds             0.0.0.0:500->500/udp, 0.0.0.0:4500->4500/udp   ipsec-vpn-server
8502bdfe366c        hello-world               "/hello"            8 months ago        Exited (0) 8 months ago                                                  loving_borg

docker logs ipsec-vpn-server

Setup VPN clients: https://git.io/vpnclients

================================================

Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: .
xl2tpd[1]: setsockopt recvref[30]: Protocol not available
xl2tpd[1]: This binary does not support kernel L2TP.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 47a42351aaa5 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701

I follow your instructions but nothing changed. I also have disabled the IPSec Passthrough in my home router

<!-- gh-comment-id:247867570 --> @mbsanchez commented on GitHub (Sep 18, 2016): docker ps -a ``` 47a42351aaa5 hwdsl2/ipsec-vpn-server "/run.sh" 4 hours ago Up 27 seconds 0.0.0.0:500->500/udp, 0.0.0.0:4500->4500/udp ipsec-vpn-server 8502bdfe366c hello-world "/hello" 8 months ago Exited (0) 8 months ago loving_borg ``` docker logs ipsec-vpn-server ``` Setup VPN clients: https://git.io/vpnclients ================================================ Redirecting to: /etc/init.d/ipsec start Starting pluto IKE daemon for IPsec: . xl2tpd[1]: setsockopt recvref[30]: Protocol not available xl2tpd[1]: This binary does not support kernel L2TP. xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 47a42351aaa5 PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 ``` I follow your instructions but nothing changed. I also have disabled the IPSec Passthrough in my home router
kerem commented 2026-03-02 07:11:01 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Sep 18, 2016):

@mbsanchez Please contact me via my GitHub profile. I'll set up a test server so that you can try connecting, in order to find out whether the problem is with the server or your VPN client.

<!-- gh-comment-id:247868394 --> @hwdsl2 commented on GitHub (Sep 18, 2016): @mbsanchez Please contact me via my GitHub profile. I'll set up a test server so that you can try connecting, in order to find out whether the problem is with the server or your VPN client.
kerem commented 2026-03-02 07:11:01 +03:00
Author
Owner
Copy link

@mbsanchez commented on GitHub (Sep 20, 2016):

I have resolved my issue, the problem was that my ISP have a firewall blocking ports from 1-1023, i have called to client support and request to disable the firewall. All works very well now.

<!-- gh-comment-id:248370125 --> @mbsanchez commented on GitHub (Sep 20, 2016): I have resolved my issue, the problem was that my ISP have a firewall blocking ports from 1-1023, i have called to client support and request to disable the firewall. All works very well now.
kerem commented 2026-03-02 07:11:01 +03:00
Author
Owner
Copy link

@hwdsl2 commented on GitHub (Sep 20, 2016):

@mbsanchez Great! Thanks for letting us know.

<!-- gh-comment-id:248456183 --> @hwdsl2 commented on GitHub (Sep 20, 2016): @mbsanchez Great! Thanks for letting us know.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question
No labels
bug
pull-request
question
question
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#7
No description provided.