Score:0

Can't connect to static VPN from docker compose

I'm trying to create a symmetric VPN server with OpenVPN in a docker-compose. Here it is:

---
version: "3"
services:
  vpn:
    image: whitebox/vpn:0.2
    tty: true
    ports:
      - "1194:1194/udp"
    volumes:
      - ./server:/home/server:ro
      - ./static.key:/home/static.key:ro
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    restart: always
    networks:
      standard:
        ipv4_address: "10.10.0.254"
  web:
    image: tutum/apache-php
    volumes:
      - ./web:/var/www/html:ro
      - ./client:/home/client:ro
    networks: 
      standard:
        ipv4_address: "10.10.0.2"
networks:
  standard:
    driver: bridge
    ipam: 
      config:
        - subnet: 10.10.0.0/16

When it is launched, I (temporarily) manually install openvpn, do some basic configuration and launch the service. Everything seems to work just fine, except I can't connect to it from any device.

Server configuration file:

ifconfig 10.10.0.254 10.10.0.10
verb 3
secret static.key
keepalive 1 10
persist-key
persist-tun
proto udp
port 1195
dev tun
status /home/vpn.log

Client configuration file:

remote 192.168.37.137 1194
dev tun 
ifconfig 10.10.0.10 10.10.0.254
secret static.key

The strange thing about this is that I tried mounting the exact same server on a simple VM and everything works. The client can connect to it and access the 10.10.0.0/16 network. Although, here is the connection log for the client:

Wed Aug 11 00:37:16 2021 TUN/TAP device tun0 opened
Wed Aug 11 00:37:16 2021 /sbin/ip link set dev tun0 up mtu 1500
Wed Aug 11 00:37:16 2021 /sbin/ip addr add dev tun0 local 10.10.0.10 peer 10.10.0.254
Wed Aug 11 00:37:16 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.37.137:1194
Wed Aug 11 00:37:16 2021 UDP link local (bound): [AF_INET][undef]:1194
Wed Aug 11 00:37:16 2021 UDP link remote: [AF_INET]192.168.37.137:1194

And the corresponding container-based server:

Wed Aug 11 07:34:40 2021 TUN/TAP device tun0 opened
Wed Aug 11 07:34:40 2021 TUN/TAP TX queue length set to 100
Wed Aug 11 07:34:40 2021 /sbin/ip link set dev tun0 up mtu 1500
Wed Aug 11 07:34:40 2021 /sbin/ip addr add dev tun0 local 10.10.0.254 peer 10.10.0.10
Wed Aug 11 07:34:40 2021 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed Aug 11 07:34:40 2021 Socket Buffers: R=[212992->212992] S=[212992->212992]
Wed Aug 11 07:34:40 2021 UDPv4 link local (bound): [AF_INET][undef]:1195
Wed Aug 11 07:34:40 2021 UDPv4 link remote: [AF_UNSPEC]

As you can see, no connection is made. Does anyone have any idea why?

Score:1
Make sure the ports are properly configured.

You are forwarding port 1194 to your container, but OpenVPN is configured to listen on port 1195.

raphael.oester
Can't believe I lost so much time on this... Thanks mate
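
The mismatch identified in the answer can be caught before deployment by comparing the compose `ports:` entries with the port and protocol the OpenVPN config binds. The following is an added example, not code from the original posts; the function names are hypothetical, the inputs are copied from the question, and it assumes compose short-syntax mappings with IPv4 host addresses and no port ranges.

```python
# Constructed inputs: values copied from the question on this page.
COMPOSE_PORTS = ["1194:1194/udp"]
SERVER_CONF = """\
proto udp
port 1195
dev tun
"""

def parse_published(mapping):
    """Parse compose short syntax [IP:][HOST:]CONTAINER[/PROTO]."""
    spec, _, proto = mapping.partition("/")
    parts = spec.split(":")
    container = int(parts[-1])
    # With no host part, Docker picks an ephemeral host port (None here).
    host = int(parts[-2]) if len(parts) > 1 and parts[-2] else None
    return host, container, (proto or "tcp").lower()  # compose defaults to tcp

def openvpn_listen(conf):
    """Return (port, proto) the server binds; OpenVPN defaults to 1194/udp."""
    port, proto = 1194, "udp"
    for line in conf.splitlines():
        tokens = line.split("#", 1)[0].split()
        if len(tokens) < 2:
            continue
        if tokens[0] in ("port", "lport"):
            port = int(tokens[1])
        elif tokens[0] == "proto":
            proto = "tcp" if tokens[1].startswith("tcp") else "udp"
    return port, proto

def check(compose_ports, conf):
    """Return findings; an empty list means a mapping reaches the daemon."""
    port, proto = openvpn_listen(conf)
    published = [parse_published(m) for m in compose_ports]
    if any(c == port and p == proto for _, c, p in published):
        return []
    findings = [f"OpenVPN binds {port}/{proto} in the container, "
                "but no published port targets it"]
    for host, c, p in published:
        findings.append(f"host {host}/{p} is forwarded to container {c}/{p}, "
                        "which is not the OpenVPN port")
    return findings

if __name__ == "__main__":
    for finding in check(COMPOSE_PORTS, SERVER_CONF):
        print(finding)
```

Either changing the mapping to `"1194:1195/udp"` or setting `port 1194` in the server config makes `check` return an empty list.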