HI Yitao,
If you want to enable vpn on the ip, omit the udp 500,1701 and 4500 ports on
public ip firewall rule and configure
the vpn.
You can file bug this, for the vpn enable ip cloudstack should ignore vpn ports
for firewall rule ports conflict.
Thanks,
Jayapal
On 21-Apr-2014, at 3:25 PM,
Hi, stackers
I just found that if the the firewall of sourced nat ip of Isolated
network has opened UDP port such as 1-65535 range , the create vpn command
will faile, because the system will
reopen the udp port of 500, 1701, 4500 which are conflicts with origin port
range.Response as below