Github user jayapalu commented on the issue:

    https://github.com/apache/cloudstack/pull/872
  
    @swill 
    If your connection is not coming up without IKE DH in customer gateway 
configuration then try configuring IKE DH in customer gateway value from  
UI/API.
    In strongswan 5.2 ipsec, customer gateway configuration (at least in one 
customer gateway)need to configured IKE DH value (modp1024), without this the 
connection  is not coming up. 
    
    Config file VR example:
     cat /etc/ipsec.d/ipsec.vpn-10.147.46.103.conf 
    #conn for vpn-10.147.46.103
    conn vpn-10.147.46.103
     left=10.147.46.104
     leftsubnet=10.2.0.0/16
     leftnexthop=10.147.46.1
     right=10.147.46.103
     rightsubnet=10.1.0.0/16
     type=tunnel
     authby=secret
     keyexchange=ike
     ike=3des-md5-modp1024
     ikelifetime=24h
     esp=3des-md5
     lifetime=1h
     pfs=no
     keyingtries=2
     auto=start
     forceencaps=no



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Reply via email to