A Dockerfile based on phusion/baseimage-docker that establishes a VPN connection with vpnc.

VPNC_GATEWAY: IP/name of your IPSec gateway
VPNC_ID: Group name
VPNC_SECRET: Group password
VPNC_USERNAME: XAUTH username
VPNC_PASSWORD: XAUTH password

First, ensure that all of the environment variables above exist in a file:
$ cat > .env <<EOF
VPNC_GATEWAY=1.2.3.4
VPNC_ID=joker-group
VPNC_SECRET=joker-secret
VPNC_USERNAME=joker
VPNC_PASSWORD=joker-password
EOF

Note: You can also use the -e option to docker run.

Next, build the container:
$ docker build -t azavea/vpnc .

Lastly, run the container, and then ask ipify what your external IP address is. It should return the IP address of your VPN endpoint.
$ docker run --rm -ti --privileged --env-file .env --dns 8.8.8.8 \
azavea/vpnc /sbin/my_init --quiet -- \
/bin/sh -c "sleep 5 && curl 'https://api.ipify.org?format=json'"
VPNC started in foreground...
{"ip":"216.158.51.82"}
$ curl 'https://api.ipify.org?format=json'
{"ip":"52.2.53.130"}

Option Explanations

--rm: Removes the container after it's done executing
--privileged: Allows the container to create and make use of the tun device
--env-file: Loads up the contents of .env into the container's environment
--dns: Make use of Google's DNS servers for name resolution within the container
/sbin/my_init: The init system provided by phusion/baseimage-docker

Everything after -- is the command we want to run within the container, in addition to the services managed by my_init.
Note: If you get an error like the one below, it is a known bug with vpnc:
select: Interrupted system call
terminated by signal: 15
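
The .env file passed to --env-file holds the group password and the XAUTH password in plain text, and a file created with `cat >` usually inherits a world-readable mode from the default umask. The following preflight check is an added example, not part of this project; `check_vpnc_env` is a hypothetical helper name, and it assumes the file uses plain KEY=VALUE lines as shown above.

```shell
#!/bin/sh
# Added example: preflight check for the .env file used with --env-file.
# check_vpnc_env is a hypothetical helper, not something the image provides.

REQUIRED_VARS="VPNC_GATEWAY VPNC_ID VPNC_SECRET VPNC_USERNAME VPNC_PASSWORD"

# Returns 0 if FILE defines every required variable with a non-empty value
# and grants no permissions to group or others. Otherwise it prints each
# problem to stderr and returns 1.
check_vpnc_env() {
    file=$1
    status=0

    if [ ! -f "$file" ]; then
        echo "$file: not a regular file" >&2
        return 1
    fi

    # Characters 5-10 of the `ls -l` mode string are the group/other bits.
    perms=$(ls -ld "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$file: accessible beyond owner ($perms); run: chmod 600 $file" >&2
        status=1
    fi

    for var in $REQUIRED_VARS; do
        # Require a literal KEY=VALUE line with a non-empty value.
        if ! grep -Eq "^${var}=.+" "$file"; then
            echo "$file: $var is missing or empty" >&2
            status=1
        fi
    done

    return $status
}

# Example use: gate the docker run command from this page on the check, e.g.
#   check_vpnc_env .env && docker run --rm -ti --privileged --env-file .env ...
```
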