refactor(rego-tunnel): Replace QEMU VM with native Docker Cisco VPN
Some checks failed
Test / test (push) Has been cancelled
Some checks failed
Test / test (push) Has been cancelled
- Switch from linux-vm QEMU image to cisco-vpn native Docker image - Change port from 8006 to 6080 (noVNC) - Remove VM-specific config (RAM, CPU, bridges, taps, QEMU) - Add VPN credential fields (email, password, TOTP, VPN host) - Add auto-connect and VNC password options - Update description.md with new documentation - Simplify Docker requirements (no /dev/kvm needed) Benefits: - No QEMU/VM overhead - runs natively in Docker - Full Cisco Secure Client 5.1.14.145 with GUI - Auto-login with TOTP support - Auto-reconnect on disconnect Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -1,82 +1,71 @@
|
||||
<h1 align="center">Windows<br />
|
||||
<div align="center">
|
||||
<a href="https://github.com/dockur/windows"><img src="https://github.com/dockur/windows/raw/master/.github/logo.png" title="Logo" style="max-width:100%;" width="128" /></a>
|
||||
</div>
|
||||
<div align="center">
|
||||
# Rego Tunnel - Cisco Secure Client VPN
|
||||
|
||||
</div></h1>
|
||||
|
||||
Windows in a Docker container.
|
||||
Run Cisco Secure Client (AnyConnect) with full GUI support in Docker using noVNC.
|
||||
|
||||
## Features
|
||||
|
||||
- ISO downloader
|
||||
- KVM acceleration
|
||||
- Web-based viewer
|
||||
- **Full Cisco Secure Client 5.1.14.145** with GUI
|
||||
- VPN, DART, and Posture modules pre-installed
|
||||
- **Web-based VNC access** via noVNC
|
||||
- Systemd support for proper service management
|
||||
- **No QEMU or VM overhead** - runs natively in Docker
|
||||
- **Auto-login with TOTP support** - fully automated connection
|
||||
- Auto-reconnect on disconnect
|
||||
|
||||
## FAQ
|
||||
## Quick Start
|
||||
|
||||
* ### How do I use it?
|
||||
1. **Install the app** through Runtipi
|
||||
2. **Configure credentials** (optional) through app settings for auto-connect
|
||||
3. **Access the VPN GUI** at `http://<your-server>:6080/vnc.html`
|
||||
4. Default VNC password: `cisco123`
|
||||
|
||||
Very simple! These are the steps:
|
||||
|
||||
- Start the container and connect to [port 8006](http://localhost:8006) using your web browser.
|
||||
## Auto-Connect
|
||||
|
||||
- Sit back and relax while the magic happens, the whole installation will be performed fully automatic.
|
||||
For fully automated VPN connection:
|
||||
|
||||
- Once you see the desktop, your Windows installation is ready for use.
|
||||
|
||||
Enjoy your brand new machine, and don't forget to star this repo!
|
||||
1. Fill in your VPN Email, Password, and TOTP Secret in app settings
|
||||
2. Enable "Auto-Connect on Start"
|
||||
3. The container will automatically connect to VPN on startup
|
||||
|
||||
* ### How do I select the Windows version?
|
||||
## Manual Connect
|
||||
|
||||
By default, Windows 11 will be installed. But you can change that in settings, in order to specify an alternative Windows version to be downloaded:
|
||||
If you prefer manual login:
|
||||
|
||||
Select from the values below:
|
||||
|
||||
| **Value** | **Description** | **Source** | **Transfer** | **Size** |
|
||||
|---|---|---|---|---|
|
||||
| `win11` | Windows 11 Pro | Microsoft | Fast | 6.4 GB |
|
||||
| `win10` | Windows 10 Pro | Microsoft | Fast | 5.8 GB |
|
||||
| `ltsc10` | Windows 10 LTSC | Microsoft | Fast | 4.6 GB |
|
||||
| `win81` | Windows 8.1 Pro | Microsoft | Fast | 4.2 GB |
|
||||
| `win7` | Windows 7 SP1 | Bob Pony | Medium | 3.0 GB |
|
||||
| `vista` | Windows Vista SP2 | Bob Pony | Medium | 3.6 GB |
|
||||
| `winxp` | Windows XP SP3 | Bob Pony | Medium | 0.6 GB |
|
||||
||||||
|
||||
| `2022` | Windows Server 2022 | Microsoft | Fast | 4.7 GB |
|
||||
| `2019` | Windows Server 2019 | Microsoft | Fast | 5.3 GB |
|
||||
| `2016` | Windows Server 2016 | Microsoft | Fast | 6.5 GB |
|
||||
| `2012` | Windows Server 2012 R2 | Microsoft | Fast | 4.3 GB |
|
||||
| `2008` | Windows Server 2008 R2 | Microsoft | Fast | 3.0 GB |
|
||||
||||||
|
||||
| `core11` | Tiny 11 Core | Archive.org | Slow | 2.1 GB |
|
||||
| `tiny11` | Tiny 11 | Archive.org | Slow | 3.8 GB |
|
||||
| `tiny10` | Tiny 10 | Archive.org | Slow | 3.6 GB |
|
||||
1. Access the noVNC interface at port 6080
|
||||
2. Use the Cisco Secure Client GUI to connect
|
||||
3. Enter your credentials manually
|
||||
|
||||
* ### How do I connect using RDP?
|
||||
## VPN CLI (inside container)
|
||||
|
||||
The web-viewer is mainly meant to be used during installation, as its picture quality is low, and it has no audio or clipboard for example.
|
||||
```bash
|
||||
# Connect to VPN
|
||||
docker exec -it rego-tunnel /opt/cisco/secureclient/bin/vpn connect <server>
|
||||
|
||||
So for a better experience you can connect using any Microsoft Remote Desktop client to the IP of the container, using the username `docker` and by leaving the password empty.
|
||||
# Check status
|
||||
docker exec -it rego-tunnel /opt/cisco/secureclient/bin/vpn state
|
||||
|
||||
There is a good RDP client for [Android](https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx) available from the Play Store. One for [iOS](https://apps.apple.com/nl/app/microsoft-remote-desktop/id714464092?l=en-GB) is in the Apple Store. For Linux you can use [rdesktop](http://www.rdesktop.org/) and for Windows you don't need to install anything as it is already ships as part of the operating system.
|
||||
# Disconnect
|
||||
docker exec -it rego-tunnel /opt/cisco/secureclient/bin/vpn disconnect
|
||||
```
|
||||
|
||||
* ### How do I verify if my system supports KVM?
|
||||
## Troubleshooting
|
||||
|
||||
To verify if your system supports KVM, run the following commands:
|
||||
### VPN connects but immediately disconnects
|
||||
Check if the DNS files are writable. Restart the container if needed.
|
||||
|
||||
```bash
|
||||
sudo apt install cpu-checker
|
||||
sudo kvm-ok
|
||||
```
|
||||
### "Unable to start VA" error
|
||||
This usually means the DNS files are read-only. Restart the container.
|
||||
|
||||
If you receive an error from `kvm-ok` indicating that KVM acceleration can't be used, check the virtualization settings in the BIOS.
|
||||
### noVNC not accessible
|
||||
Check if the VNC service is running:
|
||||
```bash
|
||||
docker exec rego-tunnel systemctl status vnc.service
|
||||
```
|
||||
|
||||
* ### Is this project legal?
|
||||
## Technical Details
|
||||
|
||||
Yes, this project contains only open-source code and does not distribute any copyrighted material. Any product keys found in the code are just generic placeholders provided by Microsoft for trial purposes. So under all applicable laws, this project would be considered legal.
|
||||
|
||||
## Disclaimer
|
||||
|
||||
The product names, logos, brands, and other trademarks referred to within this project are the property of their respective trademark holders. This project is not affiliated, sponsored, or endorsed by Microsoft Corporation.
|
||||
The container uses:
|
||||
- `--privileged` mode for systemd and DNS mount manipulation
|
||||
- `NET_ADMIN` capability for VPN tunnel creation
|
||||
- `/dev/net/tun` device for the VPN tunnel
|
||||
- Ports: 6080 (noVNC web UI), 5901 (VNC)
|
||||
|
||||
Reference in New Issue
Block a user