cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daan Hoogland <>
Subject Re: VPC Site to Site VPN CIDR RFC1918
Date Wed, 21 May 2014 12:09:07 GMT

The vpn let's you connect to all the computers in the network on the
other site on their private adresses. This means that you can give the
cidr of the remote network in the definition on vpn connection.

one network has and ip
the other has and ip

on the first you define endpoint/gateway with cidr
and you make it passive
on the second you define the adresses of the first and stat is without
the passive function
now you can ping a machine with address from a machine with

Of course you can do this to an external network as well, which makes
far more sense.

On Wed, May 21, 2014 at 12:14 PM, Erik Weber <> wrote:
>    - *CIDR list*: The guest CIDR list of the remote subnets. Enter a CIDR
>    or a comma-separated list of CIDRs. Ensure that a guest CIDR list is not
>    overlapped with the VPC’s CIDR, or another guest CIDR. The CIDR must be
>    RFC1918-compliant.
> I'm not a network guy, so excuse the question if it's obvious, but if a
> customer only has public ip's on their end, why is rfc1918 required?
> --
> Erik Weber


View raw message