search

hwdsl2 / docker-ipsec-vpn-server

Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
https://hub.docker.com/r/hwdsl2/ipsec-vpn-server
Other
6.52k stars 1.4k forks source link

Change VPN subnets! #291

Closed alkolexx closed 2 years ago

alkolexx commented 2 years ago

Hello! It is very necessary to change vpn addressing of subnets 192.168.42. and 192.168.43. docker solution... Can this be done using .env file or are there other ways?

hwdsl2 commented 2 years ago

@alkolexx Hello! Advanced users may specify custom subnet(s) in the env file, see examples below. You must re-create the Docker container after modifying the env file.

# Example for IPsec/L2TP mode
VPN_L2TP_NET=10.1.0.0/16
VPN_L2TP_LOCAL=10.1.0.1
VPN_L2TP_POOL=10.1.0.10-10.1.254.254
# Example for IPsec/XAuth and IKEv2 modes
VPN_XAUTH_NET=10.2.0.0/16
VPN_XAUTH_POOL=10.2.0.10-10.2.254.254

VPN_L2TP_LOCAL is the VPN server's internal VPN IP for IPsec/L2TP mode. VPN_L2TP_POOL and VPN_XAUTH_POOL are the pools of auto-assigned IP addresses for VPN clients.

Note that if you specify VPN_XAUTH_POOL in the env file, and IKEv2 is already set up in the Docker container, you must manually edit /etc/ipsec.d/ikev2.conf inside the container and replace rightaddresspool=192.168.43.10-192.168.43.250 with the same value as VPN_XAUTH_POOL, before re-creating the Docker container. Otherwise, IKEv2 may stop working.