Thanks for your reply Geoff, in CS Network - VPC - vpc1 - Router - Network ACL Lists
I see two default_allow and default_deny, I am unable to change or remove this ACLs Thanks, Celso On Mon, Mar 3, 2014 at 1:45 PM, Geoff Higginbottom < geoff.higginbot...@shapeblue.com> wrote: > Do you am have a default allow or default deny on the VPC Tier? > > Regards > > Geoff Higginbottom > CTO / Cloud Architect > > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: > +442036030540> | M: +447968161581<tel:+447968161581> > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com> > | www.shapeblue.com<htp://www.shapeblue.com/> | Twitter:@cloudstackguru< > https://twitter.com/#!/cloudstackguru> > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N > 4HS<x-apple-data-detectors://5> > > > On 3 Mar 2014, at 21:09, "motty cruz" <motty.c...@gmail.com<mailto: > motty.c...@gmail.com>> wrote: > > Hi Geoff, > > the CIDR of the remote network is 192.168.0.0/24 > > IKE policy : 3des-md5 > ESP policy 3des-md5 > IKE lifetiem : 86400 > ESP lifetime 3600 > dead peer detection yes > state Error > > Status: Resource[Site2SiteVpnConnection:31]is unreachable: Failed to apply > site-to-site VPN > > That is the error i'm getting, > > In /var/log/message : > Mar 3 20:59:23 r-171-VM cloud: ipsectunnel.sh: done ipsec tunnel entry for > right peer=client_public_ip right networks=192.168.0.0/24 > Mar 3 20:59:23 r-171-VM cloud: ipsectunnel.sh: checking connection > status... > Mar 3 20:59:24 r-171-VM cloud: ipsectunnel.sh: checking connection > status... > Mar 3 20:59:25 r-171-VM cloud: ipsectunnel.sh: checking connection > status... > Mar 3 20:59:26 r-171-VM cloud: ipsectunnel.sh: checking connection > status... > Mar 3 20:59:27 r-171-VM cloud: ipsectunnel.sh: checking connection > status... > Mar 3 20:59:28 r-171-VM cloud: ipsectunnel.sh: fail to connect to remote, > status code: 11 > Mar 3 20:59:28 r-171-VM cloud: ipsectunnel.sh: would stop site-to-site VPN > connection > Mar 3 20:59:28 r-171-VM cloud: ipsectunnel.sh: removing configuration for > ipsec tunnel to client_public_ip > > > > On Mon, Mar 3, 2014 at 12:27 PM, Geoff Higginbottom < > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com>> > wrote: > > Motty, > > What is the CIDR of the remote network ? > > Regards > > Geoff Higginbottom > CTO / Cloud Architect > > D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: > +442036030540> | M: +447968161581<tel:+447968161581> > > geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com > ><mailto:geoff.higginbot...@shapeblue.com> > | www.shapeblue.com<http://www.shapeblue.com><htp://www.shapeblue.com/> | > Twitter:@cloudstackguru< > https://twitter.com/#!/cloudstackguru> > > ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N > 4HS<x-apple-data-detectors://5> > > > On 3 Mar 2014, at 18:17, "motty cruz" <motty.c...@gmail.com<mailto: > motty.c...@gmail.com><mailto: > motty.c...@gmail.com<mailto:motty.c...@gmail.com>>> wrote: > > Hello All, > I'm having issues with a site-to-site VPN connection on Cloudstack Advance > Network. > > vpc-1 CIDR 10.99.0.0/16 > > vpc-tier-1 10.99.1.0/24 > > customer gateway match client settings, > > in Virtual Router I see connections coming from client IP but no route > back. > If I log in to VR, I am able to pint client's IP. The outisde firewall not > filtering outgoing traffic, and incoming traffic from client's IP is allow > all. > > any idea or suggestions? > > Thanks, > Need Enterprise Grade Support for Apache CloudStack? > Our CloudStack Infrastructure Support< > http://shapeblue.com/cloudstack-infrastructure-support/> offers the best > 24/7 SLA for CloudStack Environments. > > Apache CloudStack Bootcamp training courses > > **NEW!** CloudStack 4.2.1 training< > http://shapeblue.com/cloudstack-training/> > 18th-19th February 2014, Brazil. Classroom< > http://shapeblue.com/cloudstack-training/> > 17th-23rd March 2014, Region A. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > 24th-28th March 2014, Region B. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > 16th-20th June 2014, Region A. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > 23rd-27th June 2014, Region B. Instructor led, On-line< > http://shapeblue.com/cloudstack-training/> > > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is a > company incorporated in India and is operated under license from Shape Blue > Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil > and is operated under license from Shape Blue Ltd. ShapeBlue is a > registered trademark. > > This email and any attachments to it may be confidential and are intended > solely for the use of the individual to whom it is addressed. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of Shape Blue Ltd or related companies. If you are not the > intended recipient of this email, you must neither take any action based > upon its contents, nor copy or show it to anyone. Please contact the sender > if you believe you have received this email in error. Shape Blue Ltd is a > company incorporated in England & Wales. ShapeBlue Services India LLP is a > company incorporated in India and is operated under license from Shape Blue > Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil > and is operated under license from Shape Blue Ltd. ShapeBlue is a > registered trademark. >
