cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jayapalu <...@git.apache.org>
Subject [GitHub] cloudstack issue #872: Strongswan vpn feature
Date Mon, 26 Sep 2016 07:00:47 GMT
Github user jayapalu commented on the issue:

    https://github.com/apache/cloudstack/pull/872
  
    @swill 
    If your connection is not coming up without IKE DH in customer gateway configuration then
try configuring IKE DH in customer gateway value from  UI/API.
    In strongswan 5.2 ipsec, customer gateway configuration (at least in one customer gateway)need
to configured IKE DH value (modp1024), without this the connection  is not coming up. 
    
    Config file VR example:
     cat /etc/ipsec.d/ipsec.vpn-10.147.46.103.conf 
    #conn for vpn-10.147.46.103
    conn vpn-10.147.46.103
     left=10.147.46.104
     leftsubnet=10.2.0.0/16
     leftnexthop=10.147.46.1
     right=10.147.46.103
     rightsubnet=10.1.0.0/16
     type=tunnel
     authby=secret
     keyexchange=ike
     ike=3des-md5-modp1024
     ikelifetime=24h
     esp=3des-md5
     lifetime=1h
     pfs=no
     keyingtries=2
     auto=start
     forceencaps=no



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message