cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Will Stevens <>
Subject Re: Site-to-site VPN Connection via API
Date Tue, 06 Jun 2017 14:42:33 GMT
What version of ACS are you using?  The implementation has changed a few
times recently, so it is an important detail.


*Will Stevens*


On Tue, Jun 6, 2017 at 10:30 AM, Andre Jacques <>

> Hi there,
> I am currently creating Site-to-site VPN between
> different instance of CloudStack using the
> CloudStack API. Let's say I've got VPC_A in ENV_A
> and VPC_B in ENV_B. We create VpnCustomerGateway
> VCG_TO_B (IP Source NAT and CIDR of VPC_B in the
> ENV_A) and VCG_TO_A (IP Source NAT and CIDR of
> VPC_A in the ENV_B). I make sure both has the same
> preshared-key, IKE Policy and ESP Policy.
> Then I create the VpnGateway for VPC_A and VPC_B,
> then create the VpnConnection in VPC_A using the
> VCG_TO_B VpnCustomerGateway. I make sure the
> "passive" is checked, since the VPC_B is not yet
> configured. This call does return a 200 OK HTTP
> Status Code along with the data I need to refresh
> my UI.
> Then the problem start. When I come to create the
> VpnConnection in VPC_B to connect at VCG_TO_A
> VpnCustomerGateway, generally I will receive a 534
> with the error message saying "Host with specified
> id is not in the right state: Down". The problem
> I've got with this is since I receive a 5xx error
> code, my presumption is that the VpnConnection has
> not been created, but it did. I know that the
> "Connection" has been established and there is an
> "Error" in that regard, nothing that a refresh
> can't solve, but I believe that if the
> VpnConnection is created properly in CloudStack,
> regardless of its state, it should be returned
> along with a 200 OK Status Code.
> Thank you for your time,
> A. Jacques
> Stagiaire - Intern
> t 514.447.3456

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message