starting the tunnel will make it keep trying until it connects Changed 'auto=add' to 'auto=start' to make sure the tunnel starts. When both sides are there they will connect. This resolves the issue that there is only a small time frame in which the VPN would connect.
(cherry picked from commit b95addd3efb45f61b129584ade49bad7bbaa16f8) Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/af4d1a63 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/af4d1a63 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/af4d1a63 Branch: refs/heads/4.4 Commit: af4d1a635f51b8fecf055cb61e62c8f558c69375 Parents: 72aa05a Author: Remi Bergsma <rberg...@schubergphilis.com> Authored: Mon Dec 8 18:55:35 2014 +0100 Committer: Daan Hoogland <d...@onecht.net> Committed: Tue Dec 9 10:50:31 2014 +0100 ---------------------------------------------------------------------- systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/af4d1a63/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh ---------------------------------------------------------------------- diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh index cfee6d1..d30a9ca 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh +++ b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh @@ -151,7 +151,7 @@ ipsec_tunnel_add() { sudo echo " salifetime=${esplifetime}s" >> $vpnconffile && sudo echo " pfs=$pfs" >> $vpnconffile && sudo echo " keyingtries=2" >> $vpnconffile && - sudo echo " auto=add" >> $vpnconffile && + sudo echo " auto=start" >> $vpnconffile && sudo echo "$leftpeer $rightpeer: PSK \"$secret\"" > $vpnsecretsfile && sudo chmod 0400 $vpnsecretsfile
