cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Will Stevens <wstev...@cloudops.com>
Subject Re: Site-to-site VPN Connection via API
Date Tue, 06 Jun 2017 15:36:43 GMT
Let me know.  The implementation between 4.7 and 4.10 has completely
changed.  I rewrote it to remove OpenSwan and replace it with StrongSwan,
so let me know if you have issues with 4.10.

Cheers,

*Will Stevens*
CTO

<https://goo.gl/NYZ8KK>

On Tue, Jun 6, 2017 at 10:47 AM, Andre Jacques <ajacques@cloudops.com>
wrote:

> I'm currently testing on 4.7.2.9. I have
> access to a 4.10 freshly installed. I'll try that.
>
> On Tue, Jun 6, 2017 at 10:42 AM, Will Stevens <wstevens@cloudops.com>
> wrote:
> > What version of ACS are you using?  The implementation has changed a few
> > times recently, so it is an important detail.
> >
> > Cheers,
> >
> > *Will Stevens*
> > CTO
> >
> > <https://goo.gl/NYZ8KK>
> >
> > On Tue, Jun 6, 2017 at 10:30 AM, Andre Jacques <ajacques@cloudops.com>
> > wrote:
> >
> >> Hi there,
> >>
> >> I am currently creating Site-to-site VPN between
> >> different instance of CloudStack using the
> >> CloudStack API. Let's say I've got VPC_A in ENV_A
> >> and VPC_B in ENV_B. We create VpnCustomerGateway
> >> VCG_TO_B (IP Source NAT and CIDR of VPC_B in the
> >> ENV_A) and VCG_TO_A (IP Source NAT and CIDR of
> >> VPC_A in the ENV_B). I make sure both has the same
> >> preshared-key, IKE Policy and ESP Policy.
> >>
> >> Then I create the VpnGateway for VPC_A and VPC_B,
> >> then create the VpnConnection in VPC_A using the
> >> VCG_TO_B VpnCustomerGateway. I make sure the
> >> "passive" is checked, since the VPC_B is not yet
> >> configured. This call does return a 200 OK HTTP
> >> Status Code along with the data I need to refresh
> >> my UI.
> >>
> >> Then the problem start. When I come to create the
> >> VpnConnection in VPC_B to connect at VCG_TO_A
> >> VpnCustomerGateway, generally I will receive a 534
> >> with the error message saying "Host with specified
> >> id is not in the right state: Down". The problem
> >> I've got with this is since I receive a 5xx error
> >> code, my presumption is that the VpnConnection has
> >> not been created, but it did. I know that the
> >> "Connection" has been established and there is an
> >> "Error" in that regard, nothing that a refresh
> >> can't solve, but I believe that if the
> >> VpnConnection is created properly in CloudStack,
> >> regardless of its state, it should be returned
> >> along with a 200 OK Status Code.
> >>
> >> Thank you for your time,
> >>
> >> A. Jacques
> >> Stagiaire - Intern
> >> t 514.447.3456
> >>
>
>
>
> --
> André Jacques
> Stagiaire | Intern
> t 514.447.3456
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message