hwdsl2 / docker-ipsec-vpn-server

Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
https://hub.docker.com/r/hwdsl2/ipsec-vpn-server

I cannot use docker host dns resolvers #364

Closed Issam2204 closed 1 year ago

Issam2204 commented 1 year ago

Hello, this might be more of a Docker question than an ipsec-vpn-server question, but I don't know how to set up the VPN to use the host DNS resolver instead of specifying the DNS server(s) like "1.1.1.1".

This is my setup:

Docker host (Debian server), DNS-over-TLS pointing to --> VPS with AdGuard Home (Debian server)

Now, I want to install ipsec-vpn-server on the Docker host but relying on the internal host DNS configuration so that I can benefit from DNS-over-TLS and ad-blocking.

Things I've tried:

VPN_DNS_SRV1=172.17.0.1 VPN_DNS_SRV2=172.17.0.1

or

VPN_DNS_SRV1=127.0.0.1 VPN_DNS_SRV2=127.0.0.1

I can connect using my iPhone, but I don't have internet connectivity. It must be related to the DNS configuration.

I'd like to avoid using the actual IP address of the AdGuard Home server because then it will be plain DNS.

Hopefully someone can help!

hwdsl2 commented 1 year ago

@Issam2204 Hello! I am not familiar with this use case. I think that specifying DNS servers that use DNS-over-TLS may not be supported in Libreswan. The following steps have not been tested. Things you can try:

  1. Check your Docker host's /etc/resolv.conf (or similar) to find out what DNS server(s) the Docker host uses for the DNS-over-TLS.
  2. Specify those DNS servers as VPN_DNS_SRV1 and VPN_DNS_SRV2 in your env file, then re-create the Docker container.
  3. You can also read about host network mode.
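
Steps 1 and 2 above as a small shell helper. This is an added example, not part of the original thread or the project's code: it reads a resolv.conf-style file and prints `VPN_DNS_SRV1`/`VPN_DNS_SRV2` lines for an env file. The function name and the sample file are made up for illustration, and it handles IPv4 entries only. Loopback entries are skipped because the VPN_DNS_SRV values are handed to VPN clients, where a 127.x.x.x address points at the client itself.

```shell
#!/bin/sh
# Added example (not from the project): derive VPN_DNS_SRV1/2 candidates
# from a resolv.conf-style file, skipping resolvers clients cannot reach.

# vpn_dns_from_resolv FILE   (hypothetical helper name)
# Prints VPN_DNS_SRV1=... / VPN_DNS_SRV2=... for the first two usable IPv4
# nameservers. Skipped entries are reported on stderr.
# Returns 1 when no usable nameserver is found.
vpn_dns_from_resolv() {
    file=$1
    n=0
    # Only "nameserver <addr>" lines matter; comments, "search" and
    # "options" lines are ignored by the awk filter.
    for addr in $(awk '$1 == "nameserver" { print $2 }' "$file"); do
        case $addr in
            127.*)
                echo "skip $addr: loopback, resolves to the client itself" >&2
                continue ;;
            *:*)
                echo "skip $addr: IPv6, this sketch handles IPv4 only" >&2
                continue ;;
        esac
        n=$((n + 1))
        echo "VPN_DNS_SRV$n=$addr"
        if [ "$n" -ge 2 ]; then
            break
        fi
    done
    [ "$n" -gt 0 ]
}

# Constructed sample input: a local stub resolver plus one LAN resolver.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed example, not taken from the thread
nameserver 127.0.0.53
nameserver 192.168.1.1
search lan
options edns0
EOF
vpn_dns_from_resolv "$sample"   # prints VPN_DNS_SRV1=192.168.1.1
rm -f "$sample"
```

On a real host, run it as `vpn_dns_from_resolv /etc/resolv.conf`. If every entry is skipped, the host's resolver listens on loopback only and there is no address in that file that can be given to VPN clients.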