Return-Path: 
 <users-return-13636-apmail-cloudstack-users-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-users-archive@www.apache.org
Delivered-To: apmail-cloudstack-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 69EDE1016E
	for <apmail-cloudstack-users-archive@www.apache.org>;
 Mon,  3 Mar 2014 21:09:18 +0000 (UTC)
Received: (qmail 94068 invoked by uid 500); 3 Mar 2014 21:09:17 -0000
Delivered-To: apmail-cloudstack-users-archive@cloudstack.apache.org
Received: (qmail 94029 invoked by uid 500); 3 Mar 2014 21:09:16 -0000
Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:users@cloudstack.apache.org>
List-Id: <users.cloudstack.apache.org>
Reply-To: users@cloudstack.apache.org
Delivered-To: mailing list users@cloudstack.apache.org
Received: (qmail 94021 invoked by uid 99); 3 Mar 2014 21:09:16 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Mar 2014 21:09:16 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of motty.cruz@gmail.com designates
 209.85.223.172 as permitted sender)
Received: from [209.85.223.172] (HELO mail-ie0-f172.google.com)
 (209.85.223.172)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Mar 2014 21:09:10 +0000
Received: by mail-ie0-f172.google.com with SMTP id as1so6265091iec.3
        for <users@cloudstack.apache.org>;
 Mon, 03 Mar 2014 13:08:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=ac2He2SxEm5kgIJ+TVEaDr37Bdnr/6J/mG0Ign5Pj14=;
        b=T0jg2IqOCBxgZheMWij37e4Q9E2XDvGitRbtTtEvbxfQ8cj04tKkX/xck6YmrmLd0d
         Ssmhs897jJAK3zdDDqCSn2pSGXgpys5xcFj4K8mxtjVSAKoiLrst2EdevIfCe34/0eaF
         V/j1gZjGMZYReLj0VfV3adGs+D6c393POMo4Igm4t8OHk/zToKLNH/L3e5b6261moQIL
         7TuSQ1NR6hIITKDn8D3OZnzoDjHrConl8WRITanXbjGeNVu9uzHxobaAha/AixhC8czl
         1YX4qBRvgw18Ffqq2kQ26u5ncvTw0Tw/EaX0QDPk/4Mb2zwp2DJwSplLUgH7Jf278zP5
         GydQ==
MIME-Version: 1.0
X-Received: by 10.50.225.65 with SMTP id ri1mr30607134igc.1.1393880929077;
 Mon, 03 Mar 2014 13:08:49 -0800 (PST)
Received: by 10.50.23.101 with HTTP; Mon, 3 Mar 2014 13:08:49 -0800 (PST)
In-Reply-To: <50C733A8-E6C8-4E2D-804A-65D859BCAB98@shapeblue.com>
References: 
 <CALoOYy5eV5feTAqAVHPt+9hwmrt2wUFtMD8jYbwz8y2ip4EjgA@mail.gmail.com>
	<50C733A8-E6C8-4E2D-804A-65D859BCAB98@shapeblue.com>
Date: Mon, 3 Mar 2014 13:08:49 -0800
Message-ID: 
 <CALoOYy4QVNsqd3rfEXDRhCFXWafHh27vdO1W+yh6NR7Z-dRMFw@mail.gmail.com>
Subject: Re: CS 4.2.1 VPN connection failed
From: motty cruz <motty.cruz@gmail.com>
To: users@cloudstack.apache.org
Content-Type: multipart/alternative; boundary=001a1132f24ea30ee104f3ba3155
X-Virus-Checked: Checked by ClamAV on apache.org

--001a1132f24ea30ee104f3ba3155
Content-Type: text/plain; charset=ISO-8859-1

Hi Geoff,

the CIDR of the remote network is 192.168.0.0/24

IKE policy : 3des-md5
ESP policy 3des-md5
IKE lifetiem : 86400
ESP lifetime 3600
dead peer detection yes
state Error

Status: Resource[Site2SiteVpnConnection:31]is unreachable: Failed to apply
site-to-site VPN

That is the error i'm getting,

In /var/log/message :
Mar  3 20:59:23 r-171-VM cloud: ipsectunnel.sh: done ipsec tunnel entry for
right peer=client_public_ip  right networks=192.168.0.0/24
Mar  3 20:59:23 r-171-VM cloud: ipsectunnel.sh: checking connection
status...
Mar  3 20:59:24 r-171-VM cloud: ipsectunnel.sh: checking connection
status...
Mar  3 20:59:25 r-171-VM cloud: ipsectunnel.sh: checking connection
status...
Mar  3 20:59:26 r-171-VM cloud: ipsectunnel.sh: checking connection
status...
Mar  3 20:59:27 r-171-VM cloud: ipsectunnel.sh: checking connection
status...
Mar  3 20:59:28 r-171-VM cloud: ipsectunnel.sh: fail to connect to remote,
status code: 11
Mar  3 20:59:28 r-171-VM cloud: ipsectunnel.sh: would stop site-to-site VPN
connection
Mar  3 20:59:28 r-171-VM cloud: ipsectunnel.sh: removing configuration for
ipsec tunnel to client_public_ip



On Mon, Mar 3, 2014 at 12:27 PM, Geoff Higginbottom <
geoff.higginbottom@shapeblue.com> wrote:

> Motty,
>
> What is the CIDR of the remote network ?
>
> Regards
>
> Geoff Higginbottom
> CTO / Cloud Architect
>
> D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:
> +442036030540> | M: +447968161581<tel:+447968161581>
>
> geoff.higginbottom@shapeblue.com<mailto:geoff.higginbottom@shapeblue.com>
> | www.shapeblue.com<htp://www.shapeblue.com/> | Twitter:@cloudstackguru<
> https://twitter.com/#!/cloudstackguru>
>
> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N
> 4HS<x-apple-data-detectors://5>
>
>
> On 3 Mar 2014, at 18:17, "motty cruz" <motty.cruz@gmail.com<mailto:
> motty.cruz@gmail.com>> wrote:
>
> Hello All,
> I'm having issues with a site-to-site VPN connection on Cloudstack Advance
> Network.
>
> vpc-1 CIDR 10.99.0.0/16
>
> vpc-tier-1 10.99.1.0/24
>
> customer gateway match client settings,
>
> in Virtual Router I see connections coming from client IP but no route
> back.
> If I log in to VR, I am able to pint client's IP. The outisde firewall not
> filtering outgoing traffic, and incoming traffic from client's IP is allow
> all.
>
> any idea or suggestions?
>
> Thanks,
> Need Enterprise Grade Support for Apache CloudStack?
> Our CloudStack Infrastructure Support<
> http://shapeblue.com/cloudstack-infrastructure-support/> offers the best
> 24/7 SLA for CloudStack Environments.
>
> Apache CloudStack Bootcamp training courses
>
> **NEW!** CloudStack 4.2.1 training<
> http://shapeblue.com/cloudstack-training/>
> 18th-19th February 2014, Brazil. Classroom<
> http://shapeblue.com/cloudstack-training/>
> 17th-23rd March 2014, Region A. Instructor led, On-line<
> http://shapeblue.com/cloudstack-training/>
> 24th-28th March 2014, Region B. Instructor led, On-line<
> http://shapeblue.com/cloudstack-training/>
> 16th-20th June 2014, Region A. Instructor led, On-line<
> http://shapeblue.com/cloudstack-training/>
> 23rd-27th June 2014, Region B. Instructor led, On-line<
> http://shapeblue.com/cloudstack-training/>
>
> This email and any attachments to it may be confidential and are intended
> solely for the use of the individual to whom it is addressed. Any views or
> opinions expressed are solely those of the author and do not necessarily
> represent those of Shape Blue Ltd or related companies. If you are not the
> intended recipient of this email, you must neither take any action based
> upon its contents, nor copy or show it to anyone. Please contact the sender
> if you believe you have received this email in error. Shape Blue Ltd is a
> company incorporated in England & Wales. ShapeBlue Services India LLP is a
> company incorporated in India and is operated under license from Shape Blue
> Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil
> and is operated under license from Shape Blue Ltd. ShapeBlue is a
> registered trademark.
>

--001a1132f24ea30ee104f3ba3155--