docker-softether-vpnsrv icon indicating copy to clipboard operation
docker-softether-vpnsrv copied to clipboard

Published 20 hours ago verified publisher icon cenk1cenk2

Connection no network

Open 775118134 opened this issue 9 months ago • 8 comments

hi~ Cloud host:
image image image

in container: image image

Cloud host:

192.168.0.36

docker container softether :

eth0 172.20.30.2 tap_soft 192.168.32.1

remote vpn client

image image image

docker-compose.yml

version: '3'
services:
  softether:
    image: cenk1cenk2/softether-vpnsrv:latest
    container_name: softether
    restart: always
    networks:
      soft_network:
        ipv4_address: 172.20.30.2
    devices:
      - /dev/net/tun
    environment:
      - TZ=Asia/Shanghai
      - LOG_LEVEL=trace
      - SERVER_MODE=dhcp
      - SERVER_CIDR_ADDRESS=192.168.32.0/24
      - DHCP_SERVER_LEASE=12h
      - DHCP_SERVER_SEND_GATEWAY=true
      - DHCP_SERVER_GATEWAY=192.168.32.1
      - DHCP_SERVER_FORWARDING_ZONE=127.0.0.11
      - SOFTETHER_TAP_INTERFACE=soft
      - SOFTETHER_DEFAULT_HUB=VPN
    ports:
      - 443:1443/tcp     # softether
      - 992:992/tcp       # softether alternative
      - 5555:5555/tcp     # softether alternative
      - 1194:1194/udp     # openvpn
      - 500:500/udp       # l2tp IPSec IKE
      - 4500:4500/udp     # l2tp IPSec
      - 1701:1701/tcp     # l2tp
    volumes:
      - ./conf:/conf
      - ./hooks:/docker.init.d:ro
      - ./server_log:/etc/softether/server_log
      - ./security_log:/etc/softether/security_log
      - ./packet_log:/etc/softether/packet_log
    cap_add:
      - SETGID
      - SETUID
      - NET_ADMIN
      - NET_RAW
      - NET_BIND_SERVICE
networks:
  soft_network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.30.0/24
          gateway: 172.20.30.1

dnsmasq.conf

# Comment out the port=0 so dnsmasq can provide dns services to clients
# port=0
interface=tap_soft
dhcp-range=tap_soft,192.168.32.10,192.168.32.200,255.255.255.0,12h
dhcp-option=tap_soft,3,192.168.32.1
# set option 6 to announce itself as the DNS server
dhcp-option=tap_soft,6,192.168.32.1
# Use option 121 to announce to *nix vpn clients various routes you want routed through the VPN to allow split tunnel
dhcp-option=tap_soft,121,192.168.0.0/24,192.168.32.1,192.168.10.0/24,192.168.32.1
# use option 249 to announce to windows vpn clients the same routes as 121
dhcp-option=tap_soft,249,192.168.0.0/24,192.168.32.1,192.168.10.0/24,192.168.32.1
# Send microsoft-specific option to tell windows to release the DHCP lease
# when it shuts down. Note the "i" flag, to tell dnsmasq to send the
# value as a four-byte integer - that's what microsoft wants. See
# https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dhcpe/4cde5ceb-4fc1-4f9a-82e9-13f6b38d930c
dhcp-option=vendor:MSFT,2,1i

conf-dir=/etc/dnsmasq.d

runtime log: image

The docker docker-softether-vpnsrv container 172.20.30.2 is deployed on the cloud host 192.168.0.36, and the 1443 port is connected through the softether client ssl protocol. It is now connected and assigned the IP address 192.168.32.53, but it can only communicate with the container 172.20. 30.2 Communication, I cannot access the host, LAN, or Internet. Can you help me see how to modify it?

775118134 avatar May 22 '24 14:05 775118134