cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jānis Andersons | Failiem.lv ...@failiem.lv>
Subject Re: VPN not working. VR keeps rebooting
Date Fri, 30 Sep 2016 09:37:51 GMT
WEhen I run 'ipsec auto --status' it returns:

000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} 
trans={0,0,0} attrs={0,0,0}
000
000 "L2TP-PSK": 
xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>[+S=C]:17/1701...%any[+S=C]:17/%any; 
unrouted; eroute owner: #0
000 "L2TP-PSK":     myip=unset; hisip=unset;
000 "L2TP-PSK":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 
540s; rekey_fuzz: 100%; keyingtries: 3
000 "L2TP-PSK":   policy: 
PSK+ENCRYPT+TUNNEL+DONTREKEY+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 
32,32; interface: eth2;
000 "L2TP-PSK":   newest ISAKMP SA: #0; newest IPsec SA: #0;


Jānis Andersons
http://serveri.failiem.lv
http://files.fm
http://failiem.lv
mobile: +371 26606064
ja@failiem.lv

On 28.09.2016 09:51, Jayapal Reddy wrote:
> Hi Janis,
>
> To see the ipsec vpn connection status please use the below command.
> 'ipsec auto --status'
>
> ipsec ports (4500 1701 500) are udp ports. Did you use 'nc' command to
> check the ports.
>
> If the VR is rebooting continuously please check the management server logs
> to see why it is rebooting.
>
> Thanks,
> Jayapal
>
> On Tue, Sep 27, 2016 at 11:58 PM, Jānis Andersons | Failiem.lv <
> ja@failiem.lv> wrote:
>
>> I tried to reboot virtual router. Now it just keeps rebooting and doesn't
>> start up.
>>
>> Jānis Andersons
>> http://serveri.failiem.lv
>> http://files.fm
>> http://failiem.lv
>> mobile: +371 26606064
>> ja@failiem.lv
>>
>> On 27.09.2016 16:10, Jānis Andersons | Failiem.lv wrote:
>>
>>> Hi!
>>> I have created Network offering with capabilities:
>>> Firewall: VirtualRouter, Vpn: VirtualRouter, Dhcp: VirtualRouter,
>>> SourceNat: VirtualRouter, PortForwarding: VirtualRouter, Lb: VirtualRouter,
>>> UserData: VirtualRouter, Dns: VirtualRouter
>>> But I cant connect to VPN. When I access virtual router trough console I
>>> can see that IPsec has not started and if I start it nothing changes,
>>> service ipsec status shows that no tunnels is up.
>>> When I execute: service ipsec restart, I get:
>>> ipsec_setup: Stopping Openswan IPsec...
>>> ipsec_setup: Starting Openswan IPsec 2.6.37-g955aaafb-dirty...
>>> ipsec_setup: No KLIPS support found while requested, desperately falling
>>> back to netkey
>>> ipsec_setup: NETKEY support found. Use protostack=netkey in
>>> /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with
>>> NETKEY
>>>
>>> Also it's not possible to telnet any of ipsec ports (4500 1701 500).
>>>
>>> Thanks in advance!
>>>
>>>


Mime
View raw message