[GH-ISSUE #8] CentOS Linux release 7.2.1511 (Core) error #9

Closed
opened 2026-03-02 07:11:00 +03:00 by kerem · 8 comments
Owner

Originally created by @xfree86 on GitHub (Aug 20, 2016).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/8

docker run
--name ipsec-vpn-server
--env-file ./vpn.env
-p 500:500/udp
-p 4500:4500/udp
-v /lib/modules:/lib/modules:ro
-d --privileged
hwdsl2/ipsec-vpn-server

modprobe: ERROR: ../libkmod/libkmod.c:557 kmod_search_moddep() could not open moddep file '/lib/modules/4.5.5-x86_64-linode69/modules.dep.bin'
Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: Initializing NSS database

xl2tpd[1]: setsockopt recvref[30]: Protocol not available
xl2tpd[1]: This binary does not support kernel L2TP.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 6538e2d25626 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701

docker: Error response from daemon: driver failed programming external connectivity on endpoint ipsec-vpn-server (87fb4aaf354e190bb59ecb3f5874d9be47b57ced728ebe6958784d92d8f70199): iptables failed: iptables --wait -t nat -A DOCKER -p udp -d 0/0 --dport 4500 -j DNAT --to-destination 172.17.0.2:4500 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1).

CentOS Linux release 7.2.1511 (Core)

Originally created by @xfree86 on GitHub (Aug 20, 2016). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/8 docker run \ --name ipsec-vpn-server \ --env-file ./vpn.env \ -p 500:500/udp \ -p 4500:4500/udp \ -v /lib/modules:/lib/modules:ro \ -d --privileged \ hwdsl2/ipsec-vpn-server # modprobe: ERROR: ../libkmod/libkmod.c:557 kmod_search_moddep() could not open moddep file '/lib/modules/4.5.5-x86_64-linode69/modules.dep.bin' Redirecting to: /etc/init.d/ipsec start Starting pluto IKE daemon for IPsec: Initializing NSS database xl2tpd[1]: setsockopt recvref[30]: Protocol not available xl2tpd[1]: This binary does not support kernel L2TP. xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 6538e2d25626 PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701 docker: Error response from daemon: driver failed programming external connectivity on endpoint ipsec-vpn-server (87fb4aaf354e190bb59ecb3f5874d9be47b57ced728ebe6958784d92d8f70199): iptables failed: iptables --wait -t nat -A DOCKER -p udp -d 0/0 --dport 4500 -j DNAT --to-destination 172.17.0.2:4500 ! -i docker0: iptables: No chain/target/match by that name. (exit status 1). CentOS Linux release 7.2.1511 (Core)
kerem closed this issue 2026-03-02 07:11:00 +03:00
Author
Owner

@hwdsl2 commented on GitHub (Aug 20, 2016):

@xfree86 For servers on Linode, you must use a distribution-provided kernel via GRUB. Please follow instructions in [1]. When finished, remove and recreate the Docker container. This should fix the issue.

[1] https://www.linode.com/docs/tools-reference/custom-kernels-distros/run-a-distribution-supplied-kernel-with-kvm

<!-- gh-comment-id:241215938 --> @hwdsl2 commented on GitHub (Aug 20, 2016): @xfree86 For servers on Linode, you must use a distribution-provided kernel via GRUB. Please follow instructions in [1]. When finished, remove and recreate the Docker container. This should fix the issue. [1] https://www.linode.com/docs/tools-reference/custom-kernels-distros/run-a-distribution-supplied-kernel-with-kvm
Author
Owner

@hwdsl2 commented on GitHub (Aug 24, 2016):

@xfree86 Closing due to inactivity.

<!-- gh-comment-id:242076460 --> @hwdsl2 commented on GitHub (Aug 24, 2016): @xfree86 Closing due to inactivity.
Author
Owner

@quinnsam commented on GitHub (Nov 10, 2016):

I am also on Centos 7 and am experiencing this issue. I have followed the linode steps and I already have the latest distribution-provided kernel and grub. Any suggestions?

<!-- gh-comment-id:259613105 --> @quinnsam commented on GitHub (Nov 10, 2016): I am also on Centos 7 and am experiencing this issue. I have followed the linode steps and I already have the latest distribution-provided kernel and grub. Any suggestions?
Author
Owner

@hwdsl2 commented on GitHub (Nov 10, 2016):

@quinnsam Please post the output of these commands, with your VPN details removed:

uname -a
ls -l /lib/modules
docker logs ipsec-vpn-server
<!-- gh-comment-id:259735209 --> @hwdsl2 commented on GitHub (Nov 10, 2016): @quinnsam Please post the output of these commands, with your VPN details removed: ``` uname -a ls -l /lib/modules docker logs ipsec-vpn-server ```
Author
Owner

@quinnsam commented on GitHub (Nov 11, 2016):

$ uname -a
Linux Xi 3.10.0-327.36.3.el7.x86_64 #1 SMP Mon Oct 24 16:09:20 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

$ ls -l /lib/modules
total 20
drwxr-xr-x. 5 root root 4096 Oct 28 08:58 ./
dr-xr-xr-x. 53 root root 4096 Nov 1 21:50 ../
drwxr-xr-x. 7 root root 4096 Nov 1 17:40 3.10.0-327.36.1.el7.x86_64/
drwxr-xr-x. 7 root root 4096 Nov 1 17:40 3.10.0-327.36.2.el7.x86_64/
drwxr-xr-x. 8 root root 4096 Nov 1 21:50 3.10.0-327.36.3.el7.x86_64/

$ docker logs ipsec-vpn-server
Trying to auto discover IPs of this server...

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: _..**.**_
IPsec PSK: ************
Username: *************
Password: **************

Write these down. You'll need them to connect!

Setup VPN clients: https://git.io/vpnclients

Redirecting to: /etc/init.d/ipsec start
Starting pluto IKE daemon for IPsec: Initializing NSS database

.
xl2tpd[1]: setsockopt recvref[30]: Protocol not available
xl2tpd[1]: This binary does not support kernel L2TP.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 5d72aa3f88b2 PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701

<!-- gh-comment-id:259999907 --> @quinnsam commented on GitHub (Nov 11, 2016): **$ uname -a** Linux Xi 3.10.0-327.36.3.el7.x86_64 #1 SMP Mon Oct 24 16:09:20 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux **$ ls -l /lib/modules** total 20 drwxr-xr-x. 5 root root 4096 Oct 28 08:58 ./ dr-xr-xr-x. 53 root root 4096 Nov 1 21:50 ../ drwxr-xr-x. 7 root root 4096 Nov 1 17:40 3.10.0-327.36.1.el7.x86_64/ drwxr-xr-x. 7 root root 4096 Nov 1 17:40 3.10.0-327.36.2.el7.x86_64/ drwxr-xr-x. 8 root root 4096 Nov 1 21:50 3.10.0-327.36.3.el7.x86_64/ **$ docker logs ipsec-vpn-server** Trying to auto discover IPs of this server... # IPsec VPN server is now ready for use! Connect to your new VPN with these details: Server IP: **_.**_.**_.**_ IPsec PSK: ************ Username: ************* Password: ************** Write these down. You'll need them to connect! Setup VPN clients: https://git.io/vpnclients # Redirecting to: /etc/init.d/ipsec start Starting pluto IKE daemon for IPsec: Initializing NSS database . xl2tpd[1]: setsockopt recvref[30]: Protocol not available xl2tpd[1]: This binary does not support kernel L2TP. xl2tpd[1]: xl2tpd version xl2tpd-1.3.6 started on 5d72aa3f88b2 PID:1 xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006 xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701
Author
Owner

@hwdsl2 commented on GitHub (Nov 11, 2016):

@quinnsam Thanks for the details. The outputs all look fine. Your VPN server should be working now. Please check.

<!-- gh-comment-id:260004664 --> @hwdsl2 commented on GitHub (Nov 11, 2016): @quinnsam Thanks for the details. The outputs all look fine. Your VPN server should be working now. Please check.
Author
Owner

@quinnsam commented on GitHub (Nov 11, 2016):

It is thank you!

<!-- gh-comment-id:260011667 --> @quinnsam commented on GitHub (Nov 11, 2016): It is thank you!
Author
Owner

@doing-cr7 commented on GitHub (Jul 16, 2020):

systemctl restart docker.

<!-- gh-comment-id:659317910 --> @doing-cr7 commented on GitHub (Jul 16, 2020): systemctl restart docker.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/docker-ipsec-vpn-server#9
No description provided.