VPN (PPTP) for Docker
This is a docker image with simple VPN (PPTP) server with chap-secrets authentication.
PPTP uses /etc/ppp/chap-secrets file to authenticate VPN users. You need to create this file on your own and link it to docker when starting a container.
Example of chap-secrets file:
# Secrets for authentication using PAP
# client server secret acceptable local IP addresses
username * password *
Starting VPN server
To start VPN server as a docker container run:
docker run -d --privileged -p 1723:1723 -v {local_path_to_chap_secrets}:/etc/ppp/chap-secrets mobtitude/vpn-pptp
Edit your local chap-secrets file, to add or modify VPN users whenever you need. When adding new users to chap-secrets file, you don't need to restart Docker container.
Connecting to VPN service
You can use any VPN (PPTP) client to connect to the service. To authenticate use credentials provided in chap-secrets file.
Troubleshooting
Docker 1.7.x and connection issues
After upgrading from Docker 1.3.0 to Docker 1.7.1 the containers started from image mobtitude/vpn-pptp
stopped accepting connections to VPN without any reason.
Connections were dropped after timeout.
It looked like Docker deamon didn't forward packets for GRE protocol to container.
One of the possible solutions is to start container with networking mode set to host by adding param --net=host
to run command:
docker run -d --privileged --net=host -v {local_path_to_chap_secrets}:/etc/ppp/chap-secrets mobtitude/vpn-pptp
Note: Before starting container in --net=host
mode, please read how networking in host
mode works in Docker:
https://docs.docker.com/reference/run/#mode-host