[openstack-dev] VPNaaS site to site connection down.

Germy Lure germy.lure at gmail.com
Sun Sep 28 01:33:42 UTC 2014


Hi,

masoom:
I think firstly you can just check that if you could ping from left to
right without installing VPN connection.
If it worked, then you should cat the system logs to confirm the
configure's OK.
You can ping and tcpdump to dialog where packets are blocked.

stackers:
I think we should give mechanism to show the cause when vpn-connection is
down. At least, we could extend an attribute to explain this. Maybe the
VPN-incubator project is a chance?

BR,
Germy


On Sat, Sep 27, 2014 at 7:04 PM, masoom alam <masoom.alam at gmail.com> wrote:

> Hi Every one,
>
> I am trying to establish the VPN connection by giving the neutron
> ipsec-site-connection-create.
>
> neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn --ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address 172.24.4.233 --peer-id 172.24.4.233 --peer-cidr 10.2.0.0/24 --psk secret
>
>
> For the --peer-address I am giving the public interface of the other
> devstack node. Please note that my two devstack nodes are on different
> public addresses, so scenario is a little different than the one described
> here: https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall
>
> The --peer-id is the ip address of the Qrouter connected to the public
> interface. With this configuration, I am not able to up the VPN site to
> site connection. Do you think its a firewall issue, I have disabled both
> firewalls with sudo ufw disable. Any help in this regard. Am I giving the
> correct parameters?
>
> Thanks
>
>
>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140928/4fd869e7/attachment.html>


More information about the OpenStack-dev mailing list