Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
PR#1741 is closed. So closed this PR.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
e
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I am not able to merge my changes with @jayapalu's branch, so I have
created a new PR #1741 which includes everything from this PR as well as all
the changes I had to make to get both Remote Access
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu I need to get all my changes merged into this PR though. This PR
has bugs as it is. I will open a new PR with a merge of your changes and my
changes today.
---
If your project is set u
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill We will try to wrap up this PR by next week. I will also try to
post the test results then we will push the changes after LGTMs.
---
If your project is set up for it, you can reply to t
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Tomorrow I will pick a recommended S2S VPN configuration and verify the
rest of the different possible options with that single configuration to give a
better global picture of the state of this PR
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I wrote a small testing setup which allows me to automate the build up and
tear down different configurations in test environment.
Here are the results so far of my branch (hopefully soon t
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu I am not sure why, but I can't seem to do a pull request against
your branch. Any ideas why? Maybe you have some specific permissions on your
repo to stop this? If you are not sure, I
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill
The changes added are some improvements. One example is before running
ipsec up , calling ipsec down
---
If your project is set up for it, you can reply to this ema
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu the issues are harder to notice if the connection is always
coming up. The problem is if you do a configuration which the connection does
not come up. Because of the logic I pointed out
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
I have created two VPCs and configured the s2s vpn from UI. My tunnels are
coming up without manually restarting the ipsec in this branch.
s2s_customer_gateway:
++--
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill I did not test the case of delete vpn on error state, so I did not
come across the vpn config file mess.
Each time we configure the s2s vpn we suppose to overwrite config fie
(ipsec.
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I have to solve for this now though:
![image](https://cloud.githubusercontent.com/assets/13644/19495845/0811c4ba-9553-11e6-9691-1cc17941526d.png)
---
If your project is set up for it, y
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I think I have found why the VPN connections are not correctly being
deleted from the VR when you run `deleteVpnConnection`.
The [problem is
here](https://github.com/apache/cloudstack/blob
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill
My setup is up with the strongswan template. Configured s2s VPN connection,
I could observe that once that 'ipsec restart' or reload/rereadsecrets brought
up the tunnels.
I
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Hey @jayapalu, thanks for the follow up. Here are a couple things to note.
- In order to get Remote Access VPN to work you need to update the L2TP
conf file to include `type=transport`.
- I
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill Let me also try the issue you have mentioned in my setup on Monday.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
The more I dig into this the deeper the rabbit hole goes. Here are a few
things I have found which I need to address.
- When a VPN connection, gateway, etc is deleted, the configuration is not
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I have found a new issue. If I create a S2S VPN connection, and then clean
up everything. The S2S VPN connection still works even though there is nothing
configured in ACS anymore. Looking into
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@serg38 if you respond from email, can you remove the quoted text so it
does not add a full page of text to the GitHub issue. :P Maybe edit your
above response to remove the extra text since this
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@serg38 Inline...
`plutostart=no` will do nothing. I need to remove that, I just have not
gotten around to cleaning that up. That config option no longer is even picked
up: https://wiki.
Github user serg38 commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill Can you try changing in ipsec.conf
plutostart=no
keyexchange=ikev2
and adding
ike=aes256-sha1-modp1024!
esp=aes256-sha1!
From: Will Stevens
Re
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Thanks to @kiwiflyer for finding this link:
https://support.microsoft.com/en-us/kb/926179
We have been able to create a connection by setting the registry for
`AssumeUDPEncapsulationContex
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
At @serg38's request, here are the current configs...
```
# cat /etc/strongswan.conf
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) ma
@swill I believe windows natively support "L2TP” . And I see they negotiated
both encryption and integrity . looks like the difference is this:
On OSX
xl2tpd[2263]: control_finish: Peer requested tunnel 32 twice, ignoring
second one.
On windows it seems it trying to establish ‘child’ session
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@murali-reddy, @jburwell mentioned to ping you regarding the above. Not
sure if you have any ideas or suggestions, but I am open to any thoughts.
Thanks... :)
---
If your project is set up for
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
If anyone has experience with Remote Access VPN on Windows and has any
insight into why the following is failing, please let me know.
**FAILING WINDOWS LOG:**
```
charon: 11[NET] r
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@rhtyd ya I am trying to get it working with all. It is a lot of trial and
error, more research, then more trial and error.
Right now I have it working on Mac. On Windows, phase 1 is worki
Github user rhtyd commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill thanks for sharing your progress, last time I hit the issue -- when
I fixed it to make it work with osx, it won't work with windows and vice-versa
so we need to test that vpn works on all th
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
For interested parties. One of the problems with the Mac VPN client with
the previous OpenSwan integration was that you could not `cat` large files or
`scp` files over the remote access vpn. I ha
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Thanks @serg38. I found this as well:
http://docs.cloudstack.apache.org/projects/cloudstack-administration/en/4.8/networking/using_remote_access.html
I personally don't have access to Wind
Github user serg38 commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill The default way is using integrated VPN client in Windows. For
windows 8.1 the guide is here
https://blogs.technet.microsoft.com/networking/2014/01/13/configuring-native-vpn-client-thro
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
BTW @jayapalu, don't worry about any of these changes. Once I have
everything working I will send a PR to your PR to make the changes and then a
bunch of us can do another round of testing once yo
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
How are people using Windows Remote Access VPN? I have this working on Mac
now, but it does not seem to work on Windows. I have been trying to find a
solution, but it seems like the different Wi
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
**Update:** I found this article:
https://lists.strongswan.org/pipermail/users/2014-October/006871.html
**In the file `/etc/ipsec.d/l2tp.conf` I added the option `type=transport`
to the `
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I will be writing a script to test all possible Site-to-Site VPN connection
options to see which configurations are working and which configurations are
failing. Then we will see where we are at..
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I have not been able to make the `Remote Access VPN` work with Mac. I have
tried both `L2TP over IPSec` and `Cisco IPSec` (bare ipsec I believe), neither
work.
I am getting the same probl
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Sorry, found it. :)
![image](https://cloud.githubusercontent.com/assets/13644/19118904/f7471f20-8aeb-11e6-88dc-de4d436b8d1c.png)
---
If your project is set up for it, you can reply to t
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu why would I get this when trying to enable `Remote Access VPN`?
What is the significance of these IPs `10.1.2.1-10.1.2.8`?
![image](https://cloud.githubusercontent.com/assets/13
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu I will continue testing the different combinations to see what is
working and what is not.
---
If your project is set up for it, you can reply to this email and have your
reply appear on
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu ^
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if t
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
`3DES` is not installed in this template by default. I had to run `apt-get
install libstrongswan-extra-plugins` in order to get support for `3DES` and for
the configuration you specified to work.
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Right, I forgot to mention that. Thanks @pdion891.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have thi
Github user pdion891 commented on the issue:
https://github.com/apache/cloudstack/pull/872
in case of HTTPs issue registering the template
http://objects-east.cloud.ca/v1/5ef827605f884961b94881e928e7a250/swill/systemvm64template-master-4.6.0-xen.vhd.bz2
can be use.
---
If your p
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Here is the template (for xen anyway):
https://objects-east.cloud.ca/v1/5ef827605f884961b94881e928e7a250/swill/systemvm64template-master-4.6.0-xen.vhd.bz2
So far I have not been able to get
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill
can you please share the systemvm template URL. I can also run the test
cases with it.
---
If your project is set up for it, you can reply to this email and have your
reply appear on
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill
If your connection is not coming up without IKE DH in customer gateway
configuration then try configuring IKE DH in customer gateway value from
UI/API.
In strongswan 5.2 ipsec,
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I got it to build, will be testing it soon...
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feat
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@rhtyd have you gotten this system VM to build? I am having trouble
getting it to finish building.
My build is failing here...
```
+ log DEBUG 'on_exit: clean_vbox'
+ local lev
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
I will start doing some testing on this today. Thanks...
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not ha
Github user rhtyd commented on the issue:
https://github.com/apache/cloudstack/pull/872
Thanks @jayapalu I'm rebuilding some infra, I'll get back to you soon.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your projec
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@rhtyd @pdion891 @swill
I have squashed the commits. Added the template changes to install
strongswan 5.2.
Can one you trigger the systemvm template job on this branch.
---
If your pr
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@pdion891
Below is the Remote access vpn config, update left with the VR public ip.
#ipsec remote access vpn configuration
conn L2TP-PSK
authby=psk
pfs=no
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Thanks for getting back to us @jayapalu. I will hold off focusing on this
until you have made your update. If you can get @pdion891 the config, that
will help us get to the point where we can sta
Github user pdion891 commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu do you have a configuration example of strongswan for the remote
management VPN? I would validate that the generated configuration will work
with Windows and OSx clients.
Tha
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
@swill @kiwiflyer
Sorry for the late response.
I am started looking into this. I am looking into getting template with
strongswan 5.2. Once it is done I will update the code changes.
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Thanks @kiwiflyer. I will let you know once I have something ready to
start testing.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well
Github user kiwiflyer commented on the issue:
https://github.com/apache/cloudstack/pull/872
Yeah, I think this one is dead unless it gets reworked into a new PR. We
might be able to help a bit on this one as well.
---
If your project is set up for it, you can reply to this email and
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Given the lack of response, I am guessing I should just clone the work from
this PR into my own branch and open a new PR once I have everything working...
---
If your project is set up for it, you
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
@jayapalu are you active enough that if I make pull requests against your
branch you can make the changes available in this PR. Or should I just start
from your work and develop and test in my own
Github user swill commented on the issue:
https://github.com/apache/cloudstack/pull/872
Is anyone working on this right now?
Having reviewed this thread, I believe the following pieces are still
outstanding:
- fix merge conflicts.
- potentially: upgrade the VR to use
Github user pdion891 commented on the issue:
https://github.com/apache/cloudstack/pull/872
JIRA reference: https://issues.apache.org/jira/browse/CLOUDSTACK-8682
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your pro
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 209
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 201
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 194
Hypervisor xenserver
NetworkType Advanced
Passed=69
Failed=4
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 174
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 159
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 151
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 143
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 135
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 127
Hypervisor xenserver
NetworkType Advanced
Passed=71
Failed=2
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 119
Hypervisor xenserver
NetworkType Advanced
Passed=69
Failed=4
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 113
Hypervisor xenserver
NetworkType Advanced
Passed=70
Failed=3
Skipped=3
_Link to logs Folder (search by
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/872
### ACS CI BVT Run
**Sumarry:**
Build Number 107
Hypervisor xenserver
NetworkType Advanced
Passed=67
Failed=6
Skipped=3
_Link to logs Folder (search by
73 matches
Mail list logo