cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <andrija.pa...@gmail.com>
Subject Re: CS 4.3.2 - VPC VPN client IP not routable to network
Date Thu, 04 Jun 2015 08:02:50 GMT
David,

the table sent seems fine - but that is just global value in
cloud.configuration table.

what ACS version ?

This global change is applied for newly created user accounts in ACS (not
VPN users!)

if you create new account and new VPC - can you check what IP range is
assinged to VPN (after enabling it) ?




On 4 June 2015 at 02:36, Dave Hoffman <david.hoffman@appcore.com> wrote:

> We tried changing the global setting but it is not taking effect after
> restarting cloudstack-management, after removing and recreating vpn account
> or even adding new users to the account to trigger an update of some kind.
>
> After restarting the VPC and destroying the router multiple times it is
> still using the 10.1.2.0 network for VPN clients.
>
> We have changed this at the global settings level as well as changing it in
> the account level setting: remote.access.vpn.client.iprange
>
> Neither have changed the default ip range.
>
> Looking into the database I did notice that the updated column was still
> set to the install date for remote.access.vpn.client.iprange instead of
> todays date.  I'm wondering if that needs to update to trigger the change?
>
>
> +----------------------------------+-----------------------------+-----------------------------------------+
> | name                             | value                       |
> default_value     | updated             |
>
> +----------------------------------+-----------------------------+-----------------------------------------+
> | remote.access.vpn.client.iprange | 192.168.147.2-192.168.147.9 |
> 10.1.2.1-10.1.2.8 | 2015-02-05 22:09:37 |
>
> +----------------------------------+-----------------------------+-------------------+---------------------+
>
>
> On Mon, Jun 1, 2015 at 4:18 PM, Dave Hoffman <david.hoffman@appcore.com>
> wrote:
>
> > Ah, that makes sense.  We'll try changing that address range and testing
> > when we can get a maintenance window with the customer.
> >
> > On Fri, May 29, 2015 at 3:06 PM, Andrija Panic <andrija.panic@gmail.com>
> > wrote:
> >
> >> Nevermind, so it's remote VPN.
> >>
> >> This range (10.1.2.8-x) is default range assinged to VPN clients (your
> >> laptop etc). (global config:
> >> remote.access.vpn.client.iprange) - this range overlaps with your VPC
> >> range
> >> 10.x.x.x
> >> you can change this value in global config to i.e
> >> 192.168.56.5-192.168.56.50 and then create user accounts etc...that will
> >> get this settings attached.
> >> this range is a property attached of the ACCOUNT.
> >>
> >> Meaning, as a cloud wide admin, login to ACS, and edit existing account,
> >> there is SETTINGS tab on the account, and change remote VPN IP
> >> range.....to
> >> something else than 10.x.x.x
> >> Also be sure to route all traffic over VPN connections, so you can
> >> actuallt
> >> access your VMs inside VPC.
> >>
> >>
> >> cheers
> >>
> >>
> >>
> >> On 29 May 2015 at 22:00, Andrija Panic <andrija.panic@gmail.com> wrote:
> >>
> >> > Dave, VPC setup is fine...
> >> >
> >> > You configured site-to-site VPN (remote customer VPN gateway) or
> Remote
> >> > VPN (l2tp/ipsec) ?
> >> >
> >> > On 29 May 2015 at 21:51, Dave Hoffman <david.hoffman@appcore.com>
> >> wrote:
> >> >
> >> >> We have a VPC configured with a 10.0.0.0/16 and a network within the
> >> VPC
> >> >> with a 10.0.0.0/24 network.
> >> >>
> >> >> After setting up a VPN on the gateway and connecting I get an address
> >> of
> >> >> 10.1.2.8 and I cannot access the VM within the network.
> >> >>
> >> >> Is there something wrong with the config that we're missing?
> >> >>
> >> >> --
> >> >> Thanks,
> >> >> *Dave Hoffman*
> >> >> System Administrator | Appcore - the business of cloud computing®
> >> >>
> >> >> Office +1.800.735.7104  |  Fax +1.515.612.7878
> >> >> Direct +1.515.612.7808  |  Mobile +1.515.966.4633
> >> >> dave.hoffman@appcore.com  |  www.appcore.com
> >> >>
> ----------------------------------------------------------------------
> >> >>
> >> >> The information in this message is intended for the named recipients
> >> only.
> >> >> It may contain information that is privileged, confidential or
> >> otherwise
> >> >> protected from disclosure. If you are not the intended recipient, you
> >> are
> >> >> hereby notified that any disclosure, copying, distribution, or the
> >> taking
> >> >> of any action in reliance on the contents of this message is strictly
> >> >> prohibited. If you have received this e-mail in error, do not print
> it
> >> or
> >> >> disseminate it or its contents. In such event, please notify the
> >> sender by
> >> >> return e-mail and delete the e-mail file immediately thereafter.
> Thank
> >> >> you.
> >> >>
> >> >
> >> >
> >> >
> >> > --
> >> >
> >> > Andrija Panić
> >> >
> >>
> >>
> >>
> >> --
> >>
> >> Andrija Panić
> >>
> >
> >
> >
> > --
> > Thanks,
> > *Dave Hoffman*
> > System Administrator | Appcore - the business of cloud computing®
> >
> > Office +1.800.735.7104  |  Fax +1.515.612.7878
> > Direct +1.515.612.7808  |  Mobile +1.515.966.4633
> > dave.hoffman@appcore.com  |  www.appcore.com
> > ----------------------------------------------------------------------
> >
> > The information in this message is intended for the named recipients
> only.
> > It may contain information that is privileged, confidential or otherwise
> > protected from disclosure. If you are not the intended recipient, you are
> > hereby notified that any disclosure, copying, distribution, or the taking
> > of any action in reliance on the contents of this message is strictly
> > prohibited. If you have received this e-mail in error, do not print it or
> > disseminate it or its contents. In such event, please notify the sender
> by
> > return e-mail and delete the e-mail file immediately thereafter. Thank
> you.
> >
>
>
>
> --
> Thanks,
> *Dave Hoffman*
> System Administrator | Appcore - the business of cloud computing®
>
> Office +1.800.735.7104  |  Fax +1.515.612.7878
> Direct +1.515.612.7808  |  Mobile +1.515.966.4633
> dave.hoffman@appcore.com  |  www.appcore.com
> ----------------------------------------------------------------------
>
> The information in this message is intended for the named recipients only.
> It may contain information that is privileged, confidential or otherwise
> protected from disclosure. If you are not the intended recipient, you are
> hereby notified that any disclosure, copying, distribution, or the taking
> of any action in reliance on the contents of this message is strictly
> prohibited. If you have received this e-mail in error, do not print it or
> disseminate it or its contents. In such event, please notify the sender by
> return e-mail and delete the e-mail file immediately thereafter. Thank you.
>



-- 

Andrija Panić

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message