Docker 搭建 IPsec VPN 服务器
ipsec-vpn-server:用于运行 IPsec VPN 服务器的 Docker 映像,具有 IPsec/L2TP、Cisco IPsec 和 IKEv2。
Docker 仓库地址:https://hub.docker.com/r/hwdsl2/ipsec-vpn-server
GitHub 地址:https://github.com/hwdsl2/docker-ipsec-vpn-server
容器目录: ipsec
1. 首先在ipsec下新建一个vpn.env文件
里面写入的东西:
# Note: All the variables to this image are optional.
# See README for more information.
# To use, uncomment and replace with your own values.
# Define IPsec PSK, VPN username and password
# - DO NOT put "" or '' around values, or add space around =
# - DO NOT use these special characters within values: \ " '
VPN_IPSEC_PSK=预共享密码
VPN_USER=用户名
VPN_PASSWORD=密码
# Define additional VPN users
# - DO NOT put "" or '' around values, or add space around =
# - DO NOT use these special characters within values: \ " '
# - Usernames and passwords must be separated by spaces
# VPN_ADDL_USERS=additional_username_1 additional_username_2
# VPN_ADDL_PASSWORDS=additional_password_1 additional_password_2
# Use a DNS name for the VPN server
# - The DNS name must be a fully qualified domain name (FQDN)
# VPN_DNS_NAME=vpn.example.com
# Specify a name for the first IKEv2 client
# - Use one word only, no special characters except '-' and '_'
# - The default is 'vpnclient' if not specified
# VPN_CLIENT_NAME=your_client_name
# Use alternative DNS servers
# - By default, clients are set to use Google Public DNS
# - Example below shows Cloudflare's DNS service
# VPN_DNS_SRV1=10.0.0.1
# VPN_DNS_SRV2=8.8.8.8
# Protect IKEv2 client config files using a password
# - By default, no password is required when importing IKEv2 client configuration
# - Uncomment if you want to protect these files using a random password
# VPN_PROTECT_CONFIG=yes
2. 新建一个docker-compose.yml文件
version: '3'
services:
vpn:
image: hwdsl2/ipsec-vpn-server
restart: always
env_file:
- ./vpn.env
ports:
- "500:500/udp"
- "4500:4500/udp"
privileged: true
hostname: ipsec-vpn-server
container_name: ipsec
volumes:
- ./ikev2-vpn-data:/etc/ipsec.d
- /lib/modules:/lib/modules:ro
启动之后,出现这个表示成功
手机操作
设置--更多连接--VPN--添加
名称随便
类型:L2TP/IPSec PSK
服务器地址:。。。。
L2TP密钥:上面vpn.env里面的预共享密码
IPsec标识符:不填
点击保存
出来之后点击你刚刚新建的那个vpn
填写用户名和密码,连接
电脑操作
刚开始说一直连不上,但是在某次我重启服务器的docker服务之后,错误变成了“不能建立到远程计算机的连接。你可能需要更改此连接的网络设置”
首先说不能连上这个
管理员运行cmd,运行:
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
控制面板修改创建的vpn,安全里面修改这个
连不上大概就是这些,记得重启电脑
第二个错误,更改网络设置那个
修改注册表,路径在下面,把DriveDesc删掉
计算机\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0001
再在设备管理器中重新安装下 WAN Miniport(IP) 的驱动
首先把驱动先装错一次(先选个蓝牙设备驱动装下,然后会提示设备启动不了的报错的),然后再重新执行此步骤安装正确的驱动才可以
评论 (0)