You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Richard Lawley <ri...@richardlawley.com> on 2019/05/29 19:39:56 UTC
Site to Site VPNs with Advanced Networks
In our installations we primarily use advanced (non-VPC) networks, but
I've become aware of the site-to-site VPN available on VPCs. I just
wondered if there was a reason this was VPC-only, or whether there was
a good reason these have never been implemented for non-VPC networks?
Regards,
Richard
Re: Site to Site VPNs with Advanced Networks
Posted by Andrija Panic <an...@gmail.com>.
Richard,
as Dag said, it's a historical thing i.e.
Once upon a time there was only Basic Zone, SG.
Then "Advance Zone' was introduced, with multiple Shared Networks possible
(imagine multiple Basic Zones effectively)
Then Isolated networks were "invented" with some more networking features
(firewall, no ACL; remote VPN, no s-2-s VPN, no support for Private
Gateways)
Then VPC was born with same features as Isolated networks, but s-2-s VPN
was added, Private Gateway was added, ACL instead of "Firewall"
There's a story ^^^ and no need to use Isolated networks, since VPC =
multiple Isolated Networks + some more features...
Best,
Andrija
On Thu, 30 May 2019 at 10:49, Richard Lawley <ri...@richardlawley.com>
wrote:
> Yes, but we can see a real use for adding site-to-site VPNs to them as
> well. I just wanted to know whether this was something which has been
> considered and discarded in the past for some reason, or just
> something that has never yet come up and is therefore possible.
>
> On Thu, 30 May 2019 at 09:14, Dag Sonstebo <Da...@shapeblue.com>
> wrote:
> >
> > Hi Richard - this is just a historical thing. Keep in mind you still
> have user/"roadwarrior" VPN on normal isolated networks.
> >
> > Regards,
> > Dag Sonstebo
> > Cloud Architect
> > ShapeBlue
> >
> >
> > On 29/05/2019, 23:09, "Richard Lawley" <ri...@richardlawley.com>
> wrote:
> >
> > In our installations we primarily use advanced (non-VPC) networks,
> but
> > I've become aware of the site-to-site VPN available on VPCs. I just
> > wondered if there was a reason this was VPC-only, or whether there
> was
> > a good reason these have never been implemented for non-VPC networks?
> >
> > Regards,
> >
> > Richard
> >
> >
> >
> > Dag.Sonstebo@shapeblue.com
> > www.shapeblue.com
> > Amadeus House, Floral Street, London WC2E 9DPUK
> > @shapeblue
> >
> >
> >
>
--
Andrija Panić
Re: Site to Site VPNs with Advanced Networks
Posted by Richard Lawley <ri...@richardlawley.com>.
Yes, but we can see a real use for adding site-to-site VPNs to them as
well. I just wanted to know whether this was something which has been
considered and discarded in the past for some reason, or just
something that has never yet come up and is therefore possible.
On Thu, 30 May 2019 at 09:14, Dag Sonstebo <Da...@shapeblue.com> wrote:
>
> Hi Richard - this is just a historical thing. Keep in mind you still have user/"roadwarrior" VPN on normal isolated networks.
>
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
>
> On 29/05/2019, 23:09, "Richard Lawley" <ri...@richardlawley.com> wrote:
>
> In our installations we primarily use advanced (non-VPC) networks, but
> I've become aware of the site-to-site VPN available on VPCs. I just
> wondered if there was a reason this was VPC-only, or whether there was
> a good reason these have never been implemented for non-VPC networks?
>
> Regards,
>
> Richard
>
>
>
> Dag.Sonstebo@shapeblue.com
> www.shapeblue.com
> Amadeus House, Floral Street, London WC2E 9DPUK
> @shapeblue
>
>
>
Re: Site to Site VPNs with Advanced Networks
Posted by Dag Sonstebo <Da...@shapeblue.com>.
Hi Richard - this is just a historical thing. Keep in mind you still have user/"roadwarrior" VPN on normal isolated networks.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 29/05/2019, 23:09, "Richard Lawley" <ri...@richardlawley.com> wrote:
In our installations we primarily use advanced (non-VPC) networks, but
I've become aware of the site-to-site VPN available on VPCs. I just
wondered if there was a reason this was VPC-only, or whether there was
a good reason these have never been implemented for non-VPC networks?
Regards,
Richard
Dag.Sonstebo@shapeblue.com
www.shapeblue.com
Amadeus House, Floral Street, London WC2E 9DPUK
@shapeblue