Return-Path: <users-return-29301-archive-asf-public=cust-asf.ponee.io@cloudstack.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 979FE200D5C
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri,  1 Dec 2017 04:06:31 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id 95F80160C04; Fri,  1 Dec 2017 03:06:31 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id B4074160C01
	for <archive-asf-public@cust-asf.ponee.io>; Fri,  1 Dec 2017 04:06:30 +0100 (CET)
Received: (qmail 35052 invoked by uid 500); 1 Dec 2017 03:06:29 -0000
Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:users@cloudstack.apache.org>
List-Id: <users.cloudstack.apache.org>
Reply-To: users@cloudstack.apache.org
Delivered-To: mailing list users@cloudstack.apache.org
Received: (qmail 34973 invoked by uid 99); 1 Dec 2017 03:06:27 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Dec 2017 03:06:27 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id D403EC5DE2;
	Fri,  1 Dec 2017 03:06:26 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.589
X-Spam-Level: *
X-Spam-Status: No, score=1.589 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, HTML_MESSAGE=2,
	KB_WAM_FROM_NAME_SINGLEWORD=0.2, RCVD_IN_DNSWL_LOW=-0.7,
	RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001,
	T_DKIM_INVALID=0.01] autolearn=disabled
Authentication-Results: spamd1-us-west.apache.org (amavisd-new);
	dkim=fail (1024-bit key) reason="fail (body has been altered)"
	header.d=persistentsystems.onmicrosoft.com
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id qe19ejux6tF4; Fri,  1 Dec 2017 03:06:25 +0000 (UTC)
Received: from esa3.hc19988.iphmx.com (esa3.hc19988.iphmx.com [68.232.145.37])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id EDB9A5F3B7;
	Fri,  1 Dec 2017 03:06:24 +0000 (UTC)
X-Persistent_Disclaimer: true
X-Accelerite_Disclaimer: true
X-IronPort-AV: E=Sophos;i="5.45,343,1508783400";
   d="scan'208,217";a="5775656"
Received: from mail-ma1ind01lp0145.outbound.protection.outlook.com (HELO IND01-MA1-obe.outbound.protection.outlook.com) ([23.103.140.145])
  by ob1.hc19988.iphmx.com with ESMTP/TLS/AES256-SHA256; 01 Dec 2017 08:36:20 +0530
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=persistentsystems.onmicrosoft.com; s=selector1-accelerite-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=0d+Kptr5g5assUSEdnwJzoc+3JZ41KHHvFjlWiktPlQ=;
 b=hj4ZIVE8H5Y0pTGGq6NrIcieqCJSsGWGXACPYA185biCH9vxyB8QM+BhyUtQcO8CSlOhp5nYd2rMJ7XjzceOuBJTLPWC3db2LgoS/aV7G2iwQVHcY6N9m8+3mVcx/MveD70aiJ8Tf6X4dwn+tDlsFQslbdMlnpuTpBw90VDwihc=
Received: from PN1PR0101MB1422.INDPRD01.PROD.OUTLOOK.COM (52.134.161.147) by
 PN1PR0101MB1421.INDPRD01.PROD.OUTLOOK.COM (52.134.161.146) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.282.5; Fri, 1 Dec
 2017 03:06:15 +0000
Received: from PN1PR0101MB1422.INDPRD01.PROD.OUTLOOK.COM
 ([fe80::7904:28b3:d28d:b4cd]) by PN1PR0101MB1422.INDPRD01.PROD.OUTLOOK.COM
 ([fe80::7904:28b3:d28d:b4cd%18]) with mapi id 15.20.0282.007; Fri, 1 Dec 2017
 03:06:15 +0000
From: Srinivas Gandikota <srinivas.gandikota@accelerite.com>
To: dev <dev@cloudstack.apache.org>, Nux! <nux@li.nux.ro>
CC: "users@cloudstack.apache.org" <users@cloudstack.apache.org>
Subject: Re: S2S VPN to AWS problems
Thread-Topic: S2S VPN to AWS problems
Thread-Index: u2ZunlJa9nsK8gMkllmISxw5L758wtn3ZbWk
Date: Fri, 1 Dec 2017 03:06:14 +0000
Message-ID: <PN1PR0101MB1422EEDFAD57FEC64B5611DBE3390@PN1PR0101MB1422.INDPRD01.PROD.OUTLOOK.COM>
References: <356196307.17946.1512063271060.JavaMail.zimbra@li.nux.ro>
In-Reply-To: <356196307.17946.1512063271060.JavaMail.zimbra@li.nux.ro>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=srinivas.gandikota@accelerite.com;
x-originating-ip: [121.240.161.130]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1;PN1PR0101MB1421;6:rq3trOjvNNE/+ZuBCcWGcM7GiSAywiYXDsLJpNa4Ozqw3nyA7ST7POp696XtyJCFR9s8mGMWgnk7ODbgYmeWPQVKQGs52vUp0hiCwBHRRat6UNdWbGDAecuZhzkUauYFQW9zK5uhTBeMzmXxcIOVpNUnQsr0ohRSlqzO0U3CRAl6vth0oueDCKV/NBKd5uXnavGfWg10iDciB5v/LNTgk0aY9A0/kxUh4DqX3hQuLm2lIKs5NWHCJuT3ZwimqaQhA7Sg3EbPSvkaY4XlgoPV44nCj8J85QP5iiYbrT62xeNbCWC7c2sDow7VQ9NcseWurwLVh4RoEDdokru0HtPUl6usoPT+4WBwJsQN1Ro3uPM=;5:aV5Lm8WIvKQb2Ft33g9c1k9QLe125W1T7DlplnnGy7G8Tyed3YsjT02Q4WILU22Vvmk/u5JR+koYuaErX2exdmxjNejsULCL/DKECJTfugRWMV3h0GSGs8dHWOMNjoFIfmq+1c0MxjulfNoAr5lW/pESOQClBni7kmMF98Qv33M=;24:kAfpva85Sn4zonJ+Ida4gcwAlOX4PzArgyE6D+WtPEm14edvLhL7v/zA+KhuIxngXI9kdnOLn3PtbaM3oYNelfoI1l8HO7ROeQnPKdYpKDk=;7:dRyvR3BkFhd2MC+GatBJKs7N6r8Va2na3bDJuVb6kFlCpPJ95hp/l6WOH9EKZQIFC5+1gBlJ0l4txTeOXouTVc/Ux9jv0/a0mAbVRwc1xwYCv0orIfg2Np94RsX+rYo1xBE7wjUV5+TWRLiOVLCaCjSArOkT+PyqgTV6G+wut34XVN8NL7U2HDkxNgysGanzecv7vKDFmEo3eG1JYaHDlmwgLJtYGvyi/80farMxgvHt7AAH4U6k5nlxqoPYdady
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 65b0dcf2-e938-4647-a872-08d538687c2b
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603286);SRVR:PN1PR0101MB1421;
x-ms-traffictypediagnostic: PN1PR0101MB1421:|PN1PR0101MB1421:
x-ld-processed: 1f4beacd-b7aa-49b2-aaa1-b8525cb257e0,ExtAddr
x-microsoft-antispam-prvs: <PN1PR0101MB1421F597434C1CC13365FA68E3390@PN1PR0101MB1421.INDPRD01.PROD.OUTLOOK.COM>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(6040450)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(3231022)(6055026)(6041248)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(20161123560025)(20161123558100)(6072148)(201708071742011);SRVR:PN1PR0101MB1421;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:PN1PR0101MB1421;
x-forefront-prvs: 05087F0C24
x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(6009001)(376002)(366004)(39860400002)(346002)(199003)(189002)(54896002)(53936002)(6506006)(2906002)(3280700002)(25786009)(9686003)(33656002)(66066001)(68736007)(99286004)(19627405001)(55016002)(5250100002)(6436002)(14454004)(478600001)(316002)(97736004)(102836003)(7696005)(110136005)(3660700001)(6116002)(3846002)(106356001)(5660300001)(189998001)(86362001)(81156014)(8676002)(105586002)(2950100002)(101416001)(6606003)(81166006)(6246003)(2900100001)(8936002)(15974865002)(74316002)(7736002)(4326008)(53546010)(229853002)(54356011)(76176011);DIR:OUT;SFP:1101;SCL:1;SRVR:PN1PR0101MB1421;H:PN1PR0101MB1422.INDPRD01.PROD.OUTLOOK.COM;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative;
	boundary="_000_PN1PR0101MB1422EEDFAD57FEC64B5611DBE3390PN1PR0101MB1422_"
MIME-Version: 1.0
X-OriginatorOrg: accelerite.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 65b0dcf2-e938-4647-a872-08d538687c2b
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Dec 2017 03:06:14.8939
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 1f4beacd-b7aa-49b2-aaa1-b8525cb257e0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PN1PR0101MB1421
archived-at: Fri, 01 Dec 2017 03:06:31 -0000

--_000_PN1PR0101MB1422EEDFAD57FEC64B5611DBE3390PN1PR0101MB1422_
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Nux,


You can get one tunnel working, but requires two manual changes in the VR s=
trongswan vpn options.


  1.  Enforce ikev1
  2.  add compress=3Dno

If all other pieces are in sync, tunnel should be up.

Thanks,
Srinivas



________________________________
From: Nux! <nux@li.nux.ro>
Sent: Thursday, November 30, 2017 11:04 PM
To: dev
Cc: users
Subject: S2S VPN to AWS problems

Hello,

Has anyone managed to get a s2s VPN up with an AWS VPC?
I see AWS require the setup of two tunnels which does not seem possible in =
ACS. Connecting to either tunnels alone results in the VPN getting disconne=
cted.

Any pointers much appreciated!

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro
DISCLAIMER
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This e-mail may contain privileged and confidential information which is th=
e property of Accelerite, a Persistent Systems business. It is intended onl=
y for the use of the individual or entity to which it is addressed. If you =
are not the intended recipient, you are not authorized to read, retain, cop=
y, print, distribute or use this message. If you have received this communi=
cation in error, please notify the sender and delete all copies of this mes=
sage. Accelerite, a Persistent Systems business does not accept any liabili=
ty for virus infected mails.

--_000_PN1PR0101MB1422EEDFAD57FEC64B5611DBE3390PN1PR0101MB1422_--