You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Jayapal Reddy <ja...@gmail.com> on 2015/12/11 06:35:03 UTC
Re: ACS Virtual Routers VPN multiple connections
Hi Patrick,
Connecting multiple remote access vpn clients from behind nat (from the
same public ip) is not supported in strongswan vpn also.
I think this is possible with the ikve2 but not with ikve1. Ikev2 i have
not tried.
Thanks,
Jayapal
On Mon, Oct 26, 2015 at 5:11 PM, Patrick W. <wa...@hotmail.com> wrote:
> Hi Jayapal,
> Great, thanks for your quick precise reply!I saw your work on replacing it
> with strongswan. Is this going to potentially resolve this limitation? Any
> status to share on this work?
> Many many thanks!Patrick
>
> > From: jayapalreddy.uradi@citrix.com
> > To: users@cloudstack.apache.org
> > Subject: Re: ACS Virtual Routers VPN multiple connections
> > Date: Mon, 26 Oct 2015 11:17:45 +0000
> >
> > Hi Patrick,
> >
> > ACS VR is using the openswan ipsec for vpn.
> > Only one VPN client connection is supported by openswan when multiple
> clients are trying to connect to same public of the VR. This is the
> limitation from the openswan ipsec.
> >
> > Thanks,
> > Jayapal
> >
> >
> > > On 26-Oct-2015, at 4:33 pm, Patrick W. <wa...@hotmail.com> wrote:
> > >
> > > Hi All,
> > >
> > >
> > >
> > >
> > >
> > > I’d like to get some of your feedback about the operation of
> > > the VPN feature of ACS Virtual Routers. The main problem encountered
> is the
> > > fact that only one single L2TP/IPSec connection can be established at
> a time,
> > > from the same physical location, behind the same gateway / router /
> NAT device
> > > / single public IP. Two or more clients can establish connections if
> they’re
> > > not in the same location and behind the same restrictions listed above.
> > >
> > > As this has been observed on multiple locations, with
> > > various network topologies, setup and hardware, before digging into
> the network
> > > configuration and options, I wanted to ensure it’s not a limitation
> coming from
> > > the ACS VR itself.
> > >
> > >
> > >
> > >
> > >
> > > Has anyone experienced or bypassed the same constraint?
> > >
> > >
> > >
> > >
> > >
> > > Thanks in advance
> > >
> > > patrick
> >
>
>