Can the leftid be set to the address of eth2 (public IP of the VR) and the rightid be set to the right-side vpn peer?
On 7/17/13 3:01 AM, "Ian Service" <iserv...@ts2.ca> wrote:

>After working with a few different hardware VPN gateways in a few different
>configurations I've found there's a relatively simple component missing to
>allow us to easily support those other configurations. I've been able to
>get the networks to connect with some modifications in the VPC router VM,
>but it would be great if they would work within CloudStack's interface so
>that
>
>The current /opt/cloud/bin/ipsectunnel.sh script includes the following
>options:
>
>Usage: ipsectunnel.sh: (-A|-D) -l <left-side vpn peer> -n <left-side guest
>cidr> -g <left-side gateway> -r <right-side vpn peer> -N <right-side
>private subnets> -e <esp policy> -i <ike policy> -t <ike lifetime> -T <esp
>lifetime> -s <pre-shared secret> -d <dpd 0 or 1>
>
>I can modify it to include -L <left-side ID> and -R <right-side ID> which
>would add leftid=@<left-side ID> and rightid=@<right-side ID> to
>/etc/ipsec.d/ipsec.vpn-<right-side vpn peer>.conf
>
>and @<left-side ID> @<right-side ID>: PSK "<pre-shared secret>" to
>/etc/ipsec.d/ipsec.vpn-<right-side vpn peer>.secrets
>
>But, I'm not a Java dev so I'd need someone to help add the fields to the
>web interface and I'd need someone with experience to properly update the
>schema to add the new fields to the database.
>
>Any interest?
>
>Thanks,
>
>- Ian
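The lines the proposed -L and -R options would write, as an added example that is not part of the thread and not CloudStack's ipsectunnel.sh. The helper names (`valid_id`, `id_conf_lines`, `secrets_line`), the FQDN-only character rule for IDs, the two-space indent and the sample hostnames are assumptions. The validation is there because these values come from a web form and end up in an IPsec configuration and secrets file.

```shell
#!/bin/sh
# Added illustration; hypothetical helpers, not code from ipsectunnel.sh.

# Accept only FQDN-style IDs (letters, digits, dot, hyphen). Anything else,
# including whitespace, quotes and newlines, is rejected so that an ID taken
# from the UI cannot add extra directives to the .conf or .secrets file.
valid_id() {
  case "$1" in
    ''|*[!A-Za-z0-9.-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Lines for the conn section of
# /etc/ipsec.d/ipsec.vpn-<right-side vpn peer>.conf
# (the two-space indent is an assumption about the section layout).
id_conf_lines() {
  valid_id "$1" && valid_id "$2" || return 1
  printf '  leftid=@%s\n  rightid=@%s\n' "$1" "$2"
}

# Line for /etc/ipsec.d/ipsec.vpn-<right-side vpn peer>.secrets.
# The PSK is written inside double quotes, so a quote or newline in it
# would break out of the string; refuse those.
secrets_line() {
  nl='
'
  valid_id "$1" && valid_id "$2" || return 1
  case "$3" in
    ''|*'"'*|*"$nl"*) return 1 ;;
  esac
  printf '@%s @%s: PSK "%s"\n' "$1" "$2" "$3"
}

# Constructed sample values, for illustration only.
id_conf_lines vr.example.net gw.example.net
secrets_line vr.example.net gw.example.net 'constructed-sample-psk'
```

Because the .secrets file holds the pre-shared key in clear text, it should be readable by root only.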