cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andre Jacques <ajacq...@cloudops.com>
Subject Site-to-site VPN Connection via API
Date Tue, 06 Jun 2017 14:30:12 GMT
Hi there,

I am currently creating Site-to-site VPN between
different instance of CloudStack using the
CloudStack API. Let's say I've got VPC_A in ENV_A
and VPC_B in ENV_B. We create VpnCustomerGateway
VCG_TO_B (IP Source NAT and CIDR of VPC_B in the
ENV_A) and VCG_TO_A (IP Source NAT and CIDR of
VPC_A in the ENV_B). I make sure both has the same
preshared-key, IKE Policy and ESP Policy.

Then I create the VpnGateway for VPC_A and VPC_B,
then create the VpnConnection in VPC_A using the
VCG_TO_B VpnCustomerGateway. I make sure the
"passive" is checked, since the VPC_B is not yet
configured. This call does return a 200 OK HTTP
Status Code along with the data I need to refresh
my UI.

Then the problem start. When I come to create the
VpnConnection in VPC_B to connect at VCG_TO_A
VpnCustomerGateway, generally I will receive a 534
with the error message saying "Host with specified
id is not in the right state: Down". The problem
I've got with this is since I receive a 5xx error
code, my presumption is that the VpnConnection has
not been created, but it did. I know that the
"Connection" has been established and there is an
"Error" in that regard, nothing that a refresh
can't solve, but I believe that if the
VpnConnection is created properly in CloudStack,
regardless of its state, it should be returned
along with a 200 OK Status Code.

Thank you for your time,

A. Jacques
Stagiaire - Intern
t 514.447.3456

Mime
View raw message