cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Reddy <jayapalati...@gmail.com>
Subject Re: ACS Virtual Routers VPN multiple connections‏
Date Fri, 11 Dec 2015 05:35:03 GMT
Hi Patrick,

Connecting multiple remote access vpn clients from behind nat (from the
same public ip) is not supported in strongswan vpn also.
I think this is possible with the ikve2 but not with ikve1. Ikev2 i have
not tried.

Thanks,
Jayapal

On Mon, Oct 26, 2015 at 5:11 PM, Patrick W. <warswe@hotmail.com> wrote:

> Hi Jayapal,
> Great, thanks for your quick precise reply!I saw your work on replacing it
> with strongswan. Is this going to potentially resolve this limitation? Any
> status to share on this work?
> Many many thanks!Patrick
>
> > From: jayapalreddy.uradi@citrix.com
> > To: users@cloudstack.apache.org
> > Subject: Re: ACS Virtual Routers VPN multiple connections‏
> > Date: Mon, 26 Oct 2015 11:17:45 +0000
> >
> > Hi Patrick,
> >
> > ACS VR is using the openswan ipsec for vpn.
> > Only one VPN client connection is supported by openswan when multiple
> clients are trying to connect to same public of the VR. This is the
> limitation from the openswan ipsec.
> >
> > Thanks,
> > Jayapal
> >
> >
> > > On 26-Oct-2015, at 4:33 pm, Patrick W. <warswe@hotmail.com> wrote:
> > >
> > > Hi All,
> > >
> > >
> > >
> > >
> > >
> > > I’d like to get some of your feedback about the operation of
> > > the VPN feature of ACS Virtual Routers. The main problem encountered
> is the
> > > fact that only one single L2TP/IPSec connection can be established at
> a time,
> > > from the same physical location, behind the same gateway / router /
> NAT device
> > > / single public IP. Two or more clients can establish connections if
> they’re
> > > not in the same location and behind the same restrictions listed above.
> > >
> > > As this has been observed on multiple locations, with
> > > various network topologies, setup and hardware, before digging into
> the network
> > > configuration and options, I wanted to ensure it’s not a limitation
> coming from
> > > the ACS VR itself.
> > >
> > >
> > >
> > >
> > >
> > > Has anyone experienced or bypassed the same constraint?
> > >
> > >
> > >
> > >
> > >
> > > Thanks in advance
> > >
> > > patrick
> >
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message