Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

部署成功 连接成功,但是无法联网,之前没问题 #419

Closed
joyanhui opened this issue Mar 2, 2024 · 2 comments
Closed

部署成功 连接成功,但是无法联网,之前没问题 #419

joyanhui opened this issue Mar 2, 2024 · 2 comments

Comments

@joyanhui
Copy link

joyanhui commented Mar 2, 2024 

mkdir -p /myfile/ipsec/data
cat > /myfile/ipsec/vpn.env <<\EOF
VPN_IPSEC_PSK=abcdefgh123456
VPN_USER=lei
VPN_PASSWORD=abcdefgh123456
# VPN_PUBLIC_IP=10.1.1.7
VPN_ADDL_USERS=user1 user2
VPN_ADDL_PASSWORDS=pass1 pass2
VPN_DNS_SRV1=119.29.29.29
VPN_DNS_SRV2=223.5.5.5
EOF
docker stop ipsec && docker rm ipsec
docker run \
    --name ipsec --network=host \
    --env-file  /myfile/ipsec/vpn.env \
    --restart=always \
    -v /lib/modules:/lib/modules:ro \
    -d --privileged  \
    hwdsl2/ipsec-vpn-server

docker logs ipsec

Trying to auto discover IP of this server...

Setting DNS servers to 119.29.29.29 and 223.5.5.5...

Starting IPsec service...

================================================

IPsec VPN server is now ready for use!

Connect to your new VPN with these details:

Server IP: XXXXXXX
IPsec PSK: abcdefgh123456
Username: lei
Password: abcdefgh123456

Additional VPN users (username | password):
user1 | pass1
user2 | pass2

Write these down. You'll need them to connect!

VPN client setup: https://vpnsetup.net/clients2

================================================

xl2tpd[1]: Not looking for kernel SAref support.
xl2tpd[1]: Using l2tp kernel support.
xl2tpd[1]: xl2tpd version xl2tpd-1.3.18 started on debian PID:1
xl2tpd[1]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[1]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[1]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[1]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
xl2tpd[1]: Listening on IP address 0.0.0.0, port 1701

客户端用ipsec cisco连接成功,但是只能ping通 172.17.0.1
其他ip 包括 172.17.0.3 223.5.5.5 还有 docker宿主机的ip都不通

同样配置文件 在之前的docker镜像是正常的,但是刚看来一下旧版的镜像从hub.docker.com 找不到。
@hwdsl2
Copy link
Owner

hwdsl2 commented Mar 2, 2024
edited
Loading

@joyanhui 你好!本项目最近升级到了 Alpine Linux 3.19。你可以从源代码构建之前的 Alpine 3.18 版本的镜像:

# Clone the repository
git clone https://github.com/hwdsl2/docker-ipsec-vpn-server
cd docker-ipsec-vpn-server
# Go back to the state on Dec. 20, 2023
git checkout 2db2b40df017ab42605e354cfeaca71811b7822c
# To build Alpine-based image (note the dot "." at the end)
docker build -t hwdsl2/ipsec-vpn-server .
# Or, to build Debian-based image
docker build -f Dockerfile.debian -t hwdsl2/ipsec-vpn-server:debian .

完成后,删除并重新创建 Docker 容器。重新连接 VPN。

另外,你也可以尝试不使用 host network 模式 创建 Docker 容器。在某些情况下,使用该模式可能导致 IPTables 规则的问题。

如果你有新的信息可以继续在这里回复。

@hwdsl2 hwdsl2 closed this as completed Mar 2, 2024
@joyanhui
Copy link
Author

joyanhui commented Mar 4, 2024

感谢您的帮助,我找到到了旧版的镜像,重新部署了。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hwdsl2 @joyanhui