David, the table sent seems fine - but that is just global value in cloud.configuration table.
what ACS version ? This global change is applied for newly created user accounts in ACS (not VPN users!) if you create new account and new VPC - can you check what IP range is assinged to VPN (after enabling it) ? On 4 June 2015 at 02:36, Dave Hoffman <[email protected]> wrote: > We tried changing the global setting but it is not taking effect after > restarting cloudstack-management, after removing and recreating vpn account > or even adding new users to the account to trigger an update of some kind. > > After restarting the VPC and destroying the router multiple times it is > still using the 10.1.2.0 network for VPN clients. > > We have changed this at the global settings level as well as changing it in > the account level setting: remote.access.vpn.client.iprange > > Neither have changed the default ip range. > > Looking into the database I did notice that the updated column was still > set to the install date for remote.access.vpn.client.iprange instead of > todays date. I'm wondering if that needs to update to trigger the change? > > > +----------------------------------+-----------------------------+-----------------------------------------+ > | name | value | > default_value | updated | > > +----------------------------------+-----------------------------+-----------------------------------------+ > | remote.access.vpn.client.iprange | 192.168.147.2-192.168.147.9 | > 10.1.2.1-10.1.2.8 | 2015-02-05 22:09:37 | > > +----------------------------------+-----------------------------+-------------------+---------------------+ > > > On Mon, Jun 1, 2015 at 4:18 PM, Dave Hoffman <[email protected]> > wrote: > > > Ah, that makes sense. We'll try changing that address range and testing > > when we can get a maintenance window with the customer. > > > > On Fri, May 29, 2015 at 3:06 PM, Andrija Panic <[email protected]> > > wrote: > > > >> Nevermind, so it's remote VPN. > >> > >> This range (10.1.2.8-x) is default range assinged to VPN clients (your > >> laptop etc). (global config: > >> remote.access.vpn.client.iprange) - this range overlaps with your VPC > >> range > >> 10.x.x.x > >> you can change this value in global config to i.e > >> 192.168.56.5-192.168.56.50 and then create user accounts etc...that will > >> get this settings attached. > >> this range is a property attached of the ACCOUNT. > >> > >> Meaning, as a cloud wide admin, login to ACS, and edit existing account, > >> there is SETTINGS tab on the account, and change remote VPN IP > >> range.....to > >> something else than 10.x.x.x > >> Also be sure to route all traffic over VPN connections, so you can > >> actuallt > >> access your VMs inside VPC. > >> > >> > >> cheers > >> > >> > >> > >> On 29 May 2015 at 22:00, Andrija Panic <[email protected]> wrote: > >> > >> > Dave, VPC setup is fine... > >> > > >> > You configured site-to-site VPN (remote customer VPN gateway) or > Remote > >> > VPN (l2tp/ipsec) ? > >> > > >> > On 29 May 2015 at 21:51, Dave Hoffman <[email protected]> > >> wrote: > >> > > >> >> We have a VPC configured with a 10.0.0.0/16 and a network within the > >> VPC > >> >> with a 10.0.0.0/24 network. > >> >> > >> >> After setting up a VPN on the gateway and connecting I get an address > >> of > >> >> 10.1.2.8 and I cannot access the VM within the network. > >> >> > >> >> Is there something wrong with the config that we're missing? > >> >> > >> >> -- > >> >> Thanks, > >> >> *Dave Hoffman* > >> >> System Administrator | Appcore - the business of cloud computing® > >> >> > >> >> Office +1.800.735.7104 | Fax +1.515.612.7878 > >> >> Direct +1.515.612.7808 | Mobile +1.515.966.4633 > >> >> [email protected] | www.appcore.com > >> >> > ---------------------------------------------------------------------- > >> >> > >> >> The information in this message is intended for the named recipients > >> only. > >> >> It may contain information that is privileged, confidential or > >> otherwise > >> >> protected from disclosure. If you are not the intended recipient, you > >> are > >> >> hereby notified that any disclosure, copying, distribution, or the > >> taking > >> >> of any action in reliance on the contents of this message is strictly > >> >> prohibited. If you have received this e-mail in error, do not print > it > >> or > >> >> disseminate it or its contents. In such event, please notify the > >> sender by > >> >> return e-mail and delete the e-mail file immediately thereafter. > Thank > >> >> you. > >> >> > >> > > >> > > >> > > >> > -- > >> > > >> > Andrija Panić > >> > > >> > >> > >> > >> -- > >> > >> Andrija Panić > >> > > > > > > > > -- > > Thanks, > > *Dave Hoffman* > > System Administrator | Appcore - the business of cloud computing® > > > > Office +1.800.735.7104 | Fax +1.515.612.7878 > > Direct +1.515.612.7808 | Mobile +1.515.966.4633 > > [email protected] | www.appcore.com > > ---------------------------------------------------------------------- > > > > The information in this message is intended for the named recipients > only. > > It may contain information that is privileged, confidential or otherwise > > protected from disclosure. If you are not the intended recipient, you are > > hereby notified that any disclosure, copying, distribution, or the taking > > of any action in reliance on the contents of this message is strictly > > prohibited. If you have received this e-mail in error, do not print it or > > disseminate it or its contents. In such event, please notify the sender > by > > return e-mail and delete the e-mail file immediately thereafter. Thank > you. > > > > > > -- > Thanks, > *Dave Hoffman* > System Administrator | Appcore - the business of cloud computing® > > Office +1.800.735.7104 | Fax +1.515.612.7878 > Direct +1.515.612.7808 | Mobile +1.515.966.4633 > [email protected] | www.appcore.com > ---------------------------------------------------------------------- > > The information in this message is intended for the named recipients only. > It may contain information that is privileged, confidential or otherwise > protected from disclosure. If you are not the intended recipient, you are > hereby notified that any disclosure, copying, distribution, or the taking > of any action in reliance on the contents of this message is strictly > prohibited. If you have received this e-mail in error, do not print it or > disseminate it or its contents. In such event, please notify the sender by > return e-mail and delete the e-mail file immediately thereafter. Thank you. > -- Andrija Panić
