[strongSwan] Running on AWS behind Elastic IP

2016-11-15 Thread Mathew Marulla
First some background… Our current installation is using ipsec-tools/racoon running on a CentOS server at Rackspace to establish two VPN tunnels to hardware routers at remote installations. 146.x.x.x is a Cisco 2500 and 2.x.x.x is a Comtrend VG-8050. Both remote locations have several servers

Re: [strongSwan] Running on AWS behind Elastic IP

2016-11-16 Thread Mathew Marulla
Bruce - Not sure what you mean by “netting host”. Can you be more specific or point me to a link? - Matt > On Nov 16, 2016, at 12:34 AM, Bruce Ferrell wrote: > > > Try setting it up as if the AWS instance is a netting host > > On 11/15/2016 09:27 PM, Mathew Marulla wr

Re: [strongSwan] Running on AWS behind Elastic IP

2016-11-16 Thread Mathew Marulla
IP and seeing if the instance is aware of its own public IP, i.e., by looking in ifconfig. Because the elastic IP certainly does not show up there. - Matt > On Nov 16, 2016, at 7:40 AM, Turbo Fredriksson wrote: > > On 16 Nov 2016, at 05:27, Mathew Marulla wrote: > >> Al

Re: [strongSwan] Running on AWS behind Elastic IP

2016-11-16 Thread Mathew Marulla
M, Turbo Fredriksson wrote: > >> On 16 Nov 2016, at 17:56, Mathew Marulla wrote: >> >> If I am reading your reply correctly, it seems you are getting this to work >> by not using an elastic IP, but just the public IP of your instance. Then >> using a script to update

Re: [strongSwan] Running on AWS behind Elastic IP

2016-11-16 Thread Mathew Marulla
Protocol 50 is open for ESP. Not using AH. Kinda moot since I have yet to get beyond IKE. Thanks! - Matt > On Nov 17, 2016, at 12:32 AM, Krishnanarayanan VR > wrote: > > Ports 500 and 4500 are open to the remote routers in the EC2 security group. > > AH & ESP open too ?

Re: [strongSwan] Running on AWS behind Elastic IP

2016-11-16 Thread Mathew Marulla
Holy crap I got it to work! What was the problem? Old crappy router at the far end. All I had to do was force ikeV1 with a keyexchange = ikev1 and my existing config worked like a charm. Thanks everyone! - Matt > On Nov 17, 2016, at 12:50 AM, Mathew Marulla wrote: > > Protocol 5