Check
https://github.com/apache/cloudstack/blob/77864992fe8f80dbabd1240f6373d2ba3e98713c/utils/src/main/java/com/cloud/utils/net/NetUtils.java#L1221
On Tue, Nov 21, 2017 at 10:11 AM, Nux! <n...@li.nux.ro> wrote:
> Hi,
>
> I'm trying out terraform and had success so far, except for the vpn
> customer gateway feature.
> For some reason, terraform fails to create it, though I use the same
> options as in UI/cloudmonkey where it works just fine.
>
> The snippet for it is:
>
> resource "cloudstack_vpn_customer_gateway" "default" {
> name = "test-vpc"
> cidr = "10.0.0.0/24"
> esp_policy = "aes256-sha1"
> gateway = "1.2.3.4"
> ike_policy = "sha1-aes256;modp3072"
> ipsec_psk = "terraformxyz7"
> }
>
> It always complains about the ike_policy:
> * cloudstack_vpn_customer_gateway.default: Error creating VPN Customer
> Gateway test-vpc: Undefined error: {"errorcode":431,"errortext":"The
> customer gateway IKE policy sha1-aes256;modp3072 is invalid! Verify the
> required Diffie Hellman (DH) group is specified."}
>
> I tried all sorts of ways to write the ike_policy, escaped, web
> encoded/decoded, nothing worked. What am I missing?
> The example terraform docs provide suffers the same fate.
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
