cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoff Higginbottom <geoff.higginbot...@shapeblue.com>
Subject RE: Site to Site and RA VPN?
Date Tue, 12 Nov 2013 11:32:02 GMT
Ashley,

Sounds like a nice workaround.

I assume you install a VPN appliance in each Tier?
Have you had any problems with the VPNs traversing the different Tiers and effectively breaking
the VPC isolation model?
Have you created a 'template' for the StrongSwan VM or do you need to install  it for each
network?

FYI User VPN is coming to VPCs, but it's not there yet

Regards

Geoff Higginbottom

D: +44 20 3603 0542 | S: +44 20 3603 0540 | M: +447968161581

geoff.higginbottom@shapeblue.com

-----Original Message-----
From: CSG - Ashley Lester [mailto:ashley@computer-services.com.au]
Sent: 12 November 2013 11:09
To: users@cloudstack.apache.org
Subject: RE: Site to Site and RA VPN?

Hi Steve,

We use CentOS with StrongSwan VPN Server installed.  You need to assign a extra WAN IP and
enable static nat to the VPN Server. This gives us Site to site VPN, Remote access VPN, port
forwarding etc.  We are using CS 4.02

It has been reliable

-----Original Message-----
From: Steve Searles [mailto:ssearles@zimcom.net]
Sent: Saturday, 9 November 2013 2:24 PM
To: users@cloudstack.apache.org
Subject: Site to Site and RA VPN?

In CS 4.2 remote access VPN's are not supported inside a VPC; likewise site to site is not
supported in a non VPC isolated network. (Advanced Zone).  What is the best practice/suggestion
if both are required? A small Linux instance inside the VPC to serve as a vpn endpoint for
the remote users?  I am looking for what has worked well for others in this situation.



Steve Searles
Director, Network Operations
Zimcom Internet Solutions, Inc.
http://www.zimcom.net
Phone. (513)231-9500
Fax. (513)624-3909
Toll Free. (888)624-3910

This email and any attachments to it may be confidential and are intended solely for the use
of the individual to whom it is addressed. Any views or opinions expressed are solely those
of the author and do not necessarily represent those of Shape Blue Ltd or related companies.
If you are not the intended recipient of this email, you must neither take any action based
upon its contents, nor copy or show it to anyone. Please contact the sender if you believe
you have received this email in error. Shape Blue Ltd is a company incorporated in England
& Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated
under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated
in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.

Mime
View raw message