This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Programming Technical chat 【Practical Action】Use Docker to build an IPsec VPN server
View: 11972|Reply: 4

【Practical Action】Use Docker to build an IPsec VPN server

[Copy link]
Posted on 3/13/2022 9:08:50 PM | | | |
ipsec-vpn-server: A Docker image for running an IPsec VPN server with IPsec/L2TP, Cisco IPsec, and IKEv2.

Docker repository address:The hyperlink login is visible.

GitHub address:The hyperlink login is visible.

Reference for setting up Openconnect VPN Server:
Build an ocserv vpn proxy on CentOS 7
https://www.itsvse.com/thread-9409-1-1.html

First, we create a new environment variable in the /root directoryvpn.envThe configuration file for the docker container to read, which reads the following contents:



Create an ipsec-vpn-server application with the following command:

View the container application startup information as shown in the following figure:



Note: The security group of the ECS server must be open4500, 500 UDP ports!!

When connecting to a VPN server using Windows 10, you need to modify the registry once before connecting for the first time to resolve compatibility issues with the VPN server and/or client with NAT (such as a home router). Run the cmd command as administrator as follows:

where HKLM stands for HKEY_LOCAL_MACHINE

Note: After modifying the registry, you will need toRestart your computer!!!

Create a new VPN connection, as shown below:



From the Control Panel, find Network & Sharing Center -> to change adapter settings, click Allow to use these protocols. Select the Challenge Handshake Authentication Protocol (CHAP) and Microsoft CHAP version 2 (MS-CHAP v2) check boxes. As shown below:



Try connecting to a VPN server, as shown below:



Test your iPhone connecting to a VPN server, as shown below:



For other devices to connect to a VPN server, please refer to:The hyperlink login is visible.




Previous:Elasticsearch automatically cleans up indexes to free up disk space
Next:[Translation]. NET to use the difference between ValueTask and Task

Related Posts
 Landlord| Posted on 3/14/2022 9:39:04 AM |
registry

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent to create a new AssumeUDPEncapsulationContextOnSendRule item


 Landlord| Posted on 5/31/2022 9:03:34 PM |
Practical Operation: Using Docker to Build DNS Service (dnsmasq)
https://www.itsvse.com/thread-10321-1-1.html
Posted on 2/13/2023 11:47:28 AM |
Look good, encourage it
 Landlord| Posted on 7/29/2023 11:51:46 AM |
IKEv2 mode (no account and password required) is a better connection mode than IPsec/L2TP and IPsec/XAuth ("Cisco IPsec").

Modern operating systems support the IKEv2 protocol standard. Internet Key Exchange (IKE or IKEv2) is a network protocol that falls under the IPsec protocol family and is used to create security associations (SA). Compared to IKE version 1, IKEv2's feature improvements include, for example, Standard Mobility support through MOBIKE, and improved reliability.

Review the IKEv2 profile

Copy the mobileconfig file required by your iPhone with the following command:

Then, put the fileCopy to iPhone filesInside, then install the profile as shown below:



Reference:The hyperlink login is visible.

Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com