hwdsl2 / docker-ipsec-vpn-server

Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
https://hub.docker.com/r/hwdsl2/ipsec-vpn-server

[Question] Is it possible to access a client from the server hosts network/subnet #421

Closed jamesholz closed 5 months ago

jamesholz commented 5 months ago

Hello!

I am running this VPN through Docker, currently in bridge mode. The clients are able to access resources on the server's subnet, however I am not able to access any client from the server's subnet (unless of course I connect the relevant device to the VPN also).

I followed instructions in the non-Docker version such as iptables and routing, but this was confusing because of Docker. I also note there are no specific instructions around this here.

For example, a client is assigned 192.168.42.10, and I am trying to access it from the server's 192.168.1.37, but this does not work.

Any ideas? Thank you so much.

hwdsl2 commented 5 months ago

@jamesholz Hello! For your use case, due to Docker's network isolation it is difficult to access a VPN client from the Docker host's network, so this use case is not currently supported. A few things you can try:

  1. First open a bash shell inside the container.
  2. Perform step 1 in the section "Access VPN clients from server's subnet". Be sure to replace 10.1.0.3 with 192.168.1.37.
  3. Exit the container by running exit.
  4. On your 192.168.1.37 server, perform step 2 in the section mentioned above. Be sure to replace 10.1.0.2 with your Docker host's IP address, and eth0 with the network interface name of the 192.168.1.37 server.

The above may not work due to Docker's network isolation. In that case, you may want to look into alternative methods for your use case.