starting the tunnel will make it keep trying until it connects Changed 'auto=add' to 'auto=start' to make sure the tunnel starts. When both sides are there they will connect. This resolves the issue that there is only a small time frame in which the VPN would connect.
(cherry picked from commit b95addd3efb45f61b129584ade49bad7bbaa16f8) Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e89f09aa Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e89f09aa Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e89f09aa Branch: refs/heads/master Commit: e89f09aa516ec06dcd2cced38de70f1bde9f0aaa Parents: 08ab9a3 Author: Remi Bergsma <rberg...@schubergphilis.com> Authored: Mon Dec 8 18:55:35 2014 +0100 Committer: Daan Hoogland <d...@onecht.net> Committed: Tue Dec 9 11:19:07 2014 +0100 ---------------------------------------------------------------------- systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e89f09aa/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh ---------------------------------------------------------------------- diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh index cfee6d1..d30a9ca 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh +++ b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh @@ -151,7 +151,7 @@ ipsec_tunnel_add() { sudo echo " salifetime=${esplifetime}s" >> $vpnconffile && sudo echo " pfs=$pfs" >> $vpnconffile && sudo echo " keyingtries=2" >> $vpnconffile && - sudo echo " auto=add" >> $vpnconffile && + sudo echo " auto=start" >> $vpnconffile && sudo echo "$leftpeer $rightpeer: PSK \"$secret\"" > $vpnsecretsfile && sudo chmod 0400 $vpnsecretsfile
