[openstack-dev] [neutron] Can Neutron VPNaaS work with strongswan? (Openswan removed from Debian)

trinath.somanchi at freescale.com trinath.somanchi at freescale.com
Mon Oct 13 04:50:40 UTC 2014


Hi-

Yes, VPNaaS works with Strong Swan too. I have tried and was successful. 

Take the cherry-pick of 67 patchset from https://review.openstack.org/#/c/33148

Work on the conflicts and run neutron. It works perfect.

Hope this helps.

--
Trinath Somanchi - B39208
trinath.somanchi at freescale.com | extn: 4048

-----Original Message-----
From: Thomas Goirand [mailto:zigo at debian.org] 
Sent: Sunday, October 12, 2014 9:54 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [neutron] Can Neutron VPNaaS work with strongswan? (Openswan removed from Debian)

Hi,

As you may know, OpenSwan has been largely unmaintained in Debian, and then was removed from Testing, and then Sid last summer. OpenSwan had some unaddressed security issues, and removing it from Debian was IMO the correct thing to do. Ubuntu followed, and Utopic doesn't have OpenSwan anymore either.

Though there's StrongSwan, which is apparently an alternative. But can Neutron work with it? If not, how much work would it be to make Neutron use StrongSwan instead of OpenSwan, and could the maintainers of the VPNaaS people do this be worked on for Kilo? BTW, why not using something as popular as OpenVPN, which has more chances to be well maintained?

Cheers,

Thomas Goirand (zigo)

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



More information about the OpenStack-dev mailing list