diff --git a/modules/cloud-config-container/onprem/docker-images/strongswan/Dockerfile b/modules/cloud-config-container/onprem/docker-images/strongswan/Dockerfile
index 7a22d943..8bb6165b 100644
--- a/modules/cloud-config-container/onprem/docker-images/strongswan/Dockerfile
+++ b/modules/cloud-config-container/onprem/docker-images/strongswan/Dockerfile
@@ -12,10 +12,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM alpine:latest
+FROM debian:bullseye-slim
-RUN set -xe \
- && apk add --no-cache strongswan bash sudo
+ENV STRONGSWAN_VERSION=5.9
+
+RUN apt-get update \
+ && DEBIAN_FRONTEND=noninteractive apt-get install -y sudo iptables procps strongswan=${STRONGSWAN_VERSION}* \
+ && rm -rf /var/lib/apt/lists/*
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod 0755 /entrypoint.sh
diff --git a/modules/cloud-config-container/onprem/docker-images/strongswan/entrypoint.sh b/modules/cloud-config-container/onprem/docker-images/strongswan/entrypoint.sh
index e99d1ec8..bf596bc0 100644
--- a/modules/cloud-config-container/onprem/docker-images/strongswan/entrypoint.sh
+++ b/modules/cloud-config-container/onprem/docker-images/strongswan/entrypoint.sh
@@ -22,7 +22,7 @@ _stop_ipsec() {
 echo "Shutting down strongSwan/ipsec..."
 ipsec stop
 }
-trap _stop_ipsec SIGTERM
+trap _stop_ipsec TERM
 # Making the containter to work as a default gateway for LAN_NETWORKS
 iptables -t nat -A POSTROUTING -s ${LAN_NETWORKS} -o ${VPN_DEVICE} -m policy --dir out --pol ipsec -j ACCEPT
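Review bot: The new `apt-get install -y` line in the `RUN` step omits `--no-install-recommends`, so every package Debian marks as recommended for `sudo`, `iptables`, `procps` and `strongswan` is pulled into a VPN gateway image that only needs the daemon and its tooling. I would change it to `&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends sudo iptables procps strongswan=${STRONGSWAN_VERSION}* \`, then confirm that any strongSwan plugin the tunnel configuration relies on is still installed, and name it explicitly if it previously arrived only as a recommendation. `STRONGSWAN_VERSION` is used only at build time in this hunk, so `ARG STRONGSWAN_VERSION=5.9` would keep it out of the runtime environment. The `5.9*` pattern also floats, so the exact package revision in the image depends on the build date.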
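Review bot: The reason for dropping the `SIG` prefix is not recorded next to the new `trap _stop_ipsec TERM` line, so a later edit could put `SIGTERM` back and break shutdown handling. The Debian base image's `/bin/sh` is dash, which rejects SIG-prefixed names in `trap`, and that is presumably the motivation. I would add a comment above the trap such as `# POSIX sh (dash on Debian) only accepts signal names without the SIG prefix`. The rest of the script is outside the hunk, so it cannot be confirmed here that the handler runs promptly: a shell defers traps while a foreground child is running, in which case `docker stop` would fall through to SIGKILL after the grace period and `ipsec stop` would never run.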