cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Peterson <jpeter...@acentek.net>
Subject RE: VPC VPN Connectivity Issues
Date Wed, 09 Sep 2015 23:47:05 GMT
So I'm still looking into this has anyone ever tried this?

Do you have anyone I can talk to?

I've been asking since 8.29.2015

I guess the issue is on a Mac since my VPN network is 10.1.2.0/24 and my VPC network is 192.168.2.0/24
he cannot connect.  
I tested it out on windows 8, 7, 10, 8.1 all work as expected.

I don't have a Mac I can test with so I was hoping someone here would have any advise.

Jeremy

-----Original Message-----
From: Jeremy Peterson [mailto:jpeterson@acentek.net] 
Sent: Tuesday, September 8, 2015 8:12 AM
To: users@cloudstack.apache.org
Subject: RE: VPC VPN Connectivity Issues

No my issue is not resolved I've been reaching out to the IRC channel and have not received
notification of anyone knowing what my issue could be.

It would be great to get some traction this week on the issue.  I keep having to open ACL
for public access to the servers as this user is unable to get to the server via VPN.

Jeremy

-----Original Message-----
From: Remi Bergsma [mailto:RBergsma@schubergphilis.com] 
Sent: Saturday, September 5, 2015 10:11 AM
To: <users@cloudstack.apache.org> <users@cloudstack.apache.org>
Subject: Re: VPC VPN Connectivity Issues

Hi Jeremy,

Did you already solve your problem?

Not sure if it is possible to use the IPSec tunnels from remote VPN. Firewall might be too
strict, but haven't looked yet. 

Regards, Remi 

Sent from my iPhone

> On 29 Aug 2015, at 17:00, Jeremy Peterson <jpeterson@acentek.net> wrote:
> 
> I am not sure if this was asked or answered but googling has led me no where.
> 
> 
> I am running cloudstack 4.5.0,  XenServer 6.5, Advanced networking w/ VLAN segmentation.
> 
> 
> I have a VPC setup which i am using a IPSec tunnel back to a zywall firewall and a monowall
firewall.
> 
> 
> Monowall                    Cloustack VPC            zywall
> 
> 192.168.1.0/24            192.168.2.0/24        192.168.71.0/24
> 
> 
> Tunnels are setup in vpc for both locations and servers in cloudstack can connect to
the world and connect to the monowall and zywall networks.
> 
> 
> Everything is fine with that but when I have a remote user that needs to VPN into the
cloudstack VPC is where i am thrown into a whirlwind of questions.
> 
> 
> I setup a VPN connection on the VR for the VPC.
> 
> I setup username/password.
> 
> 
> The user sets up the connection on his Mac OSX and using split tunnel can connect to
the VPN.
> 
> 
> My VPN network is 10.1.2.0/24
> 
> 
> He receives a 10.1.2.3 ip address.
> 
> 
> He is unable to ping the IPSec Tunnel gateways 192.168.1.1 and 192.168.71.1.
> 
> 
> He can get to the world as his default gateway is his router.
> 
> 
> I switched to push all traffic over the VPN to remove the split tunnel.
> 
> 
> He is able to ping the 10.1.2.1 gateway on the VR
> 
> 
> He is able to ping his gateway the VPC router 10.1.2.1.
> 
> 
> He is able to ping the VPC network's gateway 192.168.2.1
> 
> He is unable to get to the world.  I try to ping google dns 8.8.8.8 and it doesnt' get
past the VR 10.1.2.1 in traceroutes.
> 
> I am looking for help on this as i'm confused.  If I change him back to a split tunnel
as that would be prefered why is the tunnel not annoucing all networks know to the VR.
> 
> I was able to recreate this issue on windows 8.1.
> 
> ?Jeremy

Mime
View raw message