[GitHub] [cloudstack] harikrishna-patnala opened a new issue, #6903: Remote VPN is not working if site-to-site VPN exists

[GitBox]

harikrishna-patnala opened a new issue, #6903:
URL: https://github.com/apache/cloudstack/issues/6903

   <!--
   Verify first that your issue/request is not already reported on GitHub.
   Also test if the latest release and main branch are affected too.
   Always add information AFTER of these HTML comments, but no need to delete 
the comments.
   -->
   
   ##### ISSUE TYPE
   <!-- Pick one below and delete the rest -->
    * Bug Report
    * Improvement Request
    * Enhancement Request
    * Feature Idea
    * Documentation Report
    * Other
   
   ##### COMPONENT NAME
   <!--
   Categorize the issue, e.g. API, VR, VPN, UI, etc.
   -->
   ~~~
   Virtual Router
   ~~~
   
   ##### CLOUDSTACK VERSION
   <!--
   New line separated list of affected versions, commit ID for issues on main 
branch.
   -->
   
   ~~~
   4.16, 4.17, main
   ~~~
   
   
   ##### SUMMARY
   <!-- Explain the problem/feature briefly -->
   When is site to site VPN already exists then remote VPN does not work.
   
   There was an old issue https://github.com/apache/cloudstack/issues/3654 
already but even with newer strongswan libraries this was not working as 
expected.
   
   This was discussed here https://wiki.strongswan.org/issues/2497 and a 
possible workaround or fix could be as follows,
   
   Modify /opt/cloud/bin/configure.py:
   secret.addeq("%s : PSK \"%s\"" % (left, psk)) to
   secret.addeq("%s %%any : PSK \"%s\"" % (left, psk))
   
   This needs testing and check for regressions.
   
   ##### STEPS TO REPRODUCE
   <!--
   For bugs, show exactly how to reproduce the problem, using a minimal 
test-case. Use Screenshots if accurate.
   
   For new features, show how the feature would be used.
   -->
   
   <!-- Paste example playbooks or commands between quotes below -->
   ~~~
   1. Step up site-to-site VPN between two networks
   2. Also enable remote VPN
   ~~~
   
   <!-- You can also paste gist.github.com links for larger files -->
   
   ##### EXPECTED RESULTS
   <!-- What did you expect to happen when running the steps above? -->
   
   ~~~
   As per this issue https://github.com/apache/cloudstack/issues/3654, both 
site to site VPN and remote VPN should work
   ~~~
   
   ##### ACTUAL RESULTS
   <!-- What actually happened? -->
   
   <!-- Paste verbatim command output between quotes below -->
   ~~~
   Only either of site to site VPN or remote VPN is working
   ~~~
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org