Use Docker to build a VPN server for Mac

1. Create the VPN settings file

$ vim ~/workspace/docker/vpn/env

VPN_IPSEC_PSK=someword_pre_shared_key
VPN_USER=username
VPN_PASSWORD=userpwd

2. Load the IPsec af_key kernel module on the Docker host.

sudo modprobe af_key

2.1 Load it on startup (CentOS)

$ vim /etc/modules-load.d/af_key.conf

# Load af_key at boot
af_key

* To ensure that this kernel module is loaded on boot, please refer to: Ubuntu/Debian, CentOS 6, CentOS 7, Fedora and CoreOS.

3. Create a new Docker container from this image (replace ~/.../vpn/env with your own env file):

$ docker run \
--name ipsec-vpn-server \
--env-file ~/workspace/docker/vpn/env \
--restart=always \
-p 500:500/udp \
-p 4500:4500/udp \
-v /lib/modules:/lib/modules:ro \
-d --privileged \
hwdsl2/ipsec-vpn-server
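
The env file from step 1 holds the pre-shared key and the password in plain text and is handed to the container with --env-file, so it should be readable only by its owner and should not keep the sample values. The shell script below is an added example, not part of the original post or of the hwdsl2/ipsec-vpn-server project; the function names, the 20-character minimum and the alphanumeric-only alphabet are assumptions made for the example.

```shell
#!/bin/sh
# Added example: create and audit the env file from step 1.
# Assumptions: function names, MIN_PSK_LEN and the alphanumeric alphabet
# are choices made for this example, not requirements stated on this page.
ENV_FILE=${ENV_FILE:-$HOME/workspace/docker/vpn/env}
MIN_PSK_LEN=20

# rand_alnum N: N random characters from [A-Za-z0-9]. 1024 random bytes
# leave about 240 alphanumerics after filtering, ample for N <= 64.
rand_alnum() {
    head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c "$1"
}

# write_env FILE USER: create FILE accessible by its owner only.
write_env() {
    if [ -e "$1" ]; then echo "refusing to overwrite $1" >&2; return 1; fi
    (
        umask 077
        {
            printf 'VPN_IPSEC_PSK=%s\n' "$(rand_alnum 32)"
            printf 'VPN_USER=%s\n' "$2"
            printf 'VPN_PASSWORD=%s\n' "$(rand_alnum 24)"
        } > "$1"
    )
}

# check_env FILE: return non-zero if FILE is exposed or holds weak values.
check_env() {
    rc=0
    perm=$(ls -ld "$1" | cut -c5-10)    # group and other permission bits
    [ "$perm" = "------" ] || { echo "WARN: $1 accessible beyond its owner"; rc=1; }
    psk=$(sed -n 's/^VPN_IPSEC_PSK=//p' "$1")
    pw=$(sed -n 's/^VPN_PASSWORD=//p' "$1")
    [ "${#psk}" -ge "$MIN_PSK_LEN" ] || { echo "WARN: PSK under $MIN_PSK_LEN chars"; rc=1; }
    case "$psk $pw" in
        *someword_pre_shared_key*|*userpwd*)
            echo "WARN: tutorial placeholder still in use"; rc=1 ;;
    esac
    case "$psk$pw" in   # --env-file passes quotes through literally
        *[\"\'\\]*) echo "WARN: quote or backslash in a value"; rc=1 ;;
    esac
    return "$rc"
}

# Usage: sh <this script> create <user>   |   sh <this script> check
case "${1:-}" in
    create) write_env "$ENV_FILE" "${2:-vpnuser}" ;;
    check)  check_env "$ENV_FILE" ;;
esac
```

Run the check before `docker run`; the generated values are the ones to enter on the client.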

View log

$ docker logs ipsec-vpn-server

Check server status

$ docker exec -it ipsec-vpn-server ipsec status

Display currently established VPN connections:

$ docker exec -it ipsec-vpn-server ipsec whack --trafficstatus

How to set it up on Mac?

VPN_USER=username
VPN_PASSWORD=userpwd
VPN_IPSEC_PSK=someword_pre_shared_key

Reference:
docker-ipsec-vpn-server