VPN client in a docker running on server

Post by tomcy21 » Fri Feb 19, 2021 9:34 am

Hi there,
I'm kind of lost in all the networking features between Docker and SoftEther.

I set up a SoftEther server on an AWS EC2 instance (Ubuntu 18.04);
I can connect to the VPN from anywhere (Linux and Windows computers) - no problem.

On my AWS EC2 instance, I have dockers running different applications, e.g. a webserver.
I would like each Virtual Hub to form a LAN between its client and a docker container. See the attached picture for better understanding.

I tried to run a VPN client in a docker on the server using this docker image: https://github.com/nefarius/docker-softether-vpn-client. I tried different addresses for the server: public IP of the server, localhost, eth0 IP ... but I can't make it work. Using the "network_mode: host" option in the docker-compose makes me lose the SSH connection to my instance.
(I can connect to the server using this docker on my Linux computer. And only the docker is connected to the VPN; my computer keeps its public IP.)

Do you have an idea about this problem? Maybe it's a bad network design. I know docker can create bridges and virtual interfaces. Maybe I should connect the docker to a Virtual Hub with a local_bridge or something like this?

Thank you ;)

Post by drkrool » Mon Feb 22, 2021 5:23 am

Hi,
With such a setup, it could be necessary to use the bridge feature.
Usually it's written on the GitHub page of the docker, as there is no official docker of SoftEther, as it's not really written for it, provided it's made to use the NIC directly.

Post by tomcy21 » Mon Feb 22, 2021 10:33 am

Hi @drkrool, thanks for your answer!
Indeed, I think I should use a local bridge and not a VPN client in the docker, for performance reasons.

However, I struggle setting up the local bridge to the docker network.
I created a docker bridge:

Code:

docker network create -d bridge --subnet 192.168.5.0/24 --gateway 192.168.5.1 test_bridge1

For test purposes I'm running an nginx docker on the server with this docker-compose:

Code:

version: "3"

services:
  web_server:
    image: nginx:latest
    container_name: web_server
    ports:
      - 8080:80
    network_mode: test_bridge1

My container got an IP, 192.168.5.2.
My Virtual Hub: SecureNAT is disabled, no DHCP.
When I create the SoftEther local bridge, I target my Virtual Hub and the interface br-.... that was created when I created the docker bridge (first command above).

But now when connecting, the client doesn't get an IP and of course I can't access the webserver.
I'm surely totally wrong somewhere trying to figure it out.
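
Added example, not part of the original posts: in the setup described above nothing on the bridged segment answers DHCP, since SecureNAT's DHCP is off and Docker gives containers their addresses through its own IPAM rather than DHCP. The sketch below reads `docker network inspect test_bridge1` output and returns the host bridge interface to target plus unused addresses that could be set manually on VPN clients; the sample JSON, its Id and the function name `bridge_plan` are constructed for illustration, and manual client addressing is an assumption.

```python
import ipaddress
import json

# Constructed sample shaped like `docker network inspect test_bridge1` output;
# the Id and the container key are made up for illustration.
SAMPLE_INSPECT = json.dumps([{
    "Name": "test_bridge1",
    "Id": "0f3a9c1d2b7e4c55a1d0e9f8b7a6c5d4e3f2a1b0c9d8e7f6a5b4c3d2e1f00123",
    "Driver": "bridge",
    "IPAM": {"Config": [{"Subnet": "192.168.5.0/24", "Gateway": "192.168.5.1"}]},
    "Containers": {
        "c0ffee": {"Name": "web_server", "IPv4Address": "192.168.5.2/24"},
    },
    "Options": {},
}])


def bridge_plan(inspect_json, clients=3):
    """Summarise a Docker bridge network as a SoftEther local-bridge target."""
    net = json.loads(inspect_json)[0]
    if net["Driver"] != "bridge":
        raise ValueError("not a bridge network: " + net["Driver"])
    # Docker names the host interface br-<first 12 chars of the network Id>
    # unless the com.docker.network.bridge.name option overrides it.
    options = net.get("Options") or {}
    iface = options.get("com.docker.network.bridge.name", "br-" + net["Id"][:12])
    cfg = net["IPAM"]["Config"][0]
    subnet = ipaddress.ip_network(cfg["Subnet"])
    taken = set()
    if cfg.get("Gateway"):
        taken.add(ipaddress.ip_address(cfg["Gateway"]))
    for c in (net.get("Containers") or {}).values():
        if c.get("IPv4Address"):
            taken.add(ipaddress.ip_interface(c["IPv4Address"]).ip)
    # Containers typically receive addresses from the low end of the subnet,
    # so manual VPN-client addresses are taken from the top to avoid clashes.
    free = [h for h in reversed(list(subnet.hosts())) if h not in taken]
    return {
        "iface": iface,
        "prefixlen": subnet.prefixlen,
        "gateway": cfg.get("Gateway"),
        "client_ips": [str(h) for h in free[:clients]],
    }


if __name__ == "__main__":
    print(bridge_plan(SAMPLE_INSPECT))
```

To use it on a live host, pass the output of `docker network inspect test_bridge1` in place of the constructed sample.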