Dav-11 commented on PR #9977:
URL: https://github.com/apache/cloudstack/pull/9977#issuecomment-2503328961
@GutoVeronezi
we did check the existing APIs, the wg behaviour is similar to the remote
access vpn.
But the remote access vpn APIs do not have some field I need:
- createRemoteAccessVpn
- request:
| field I need | current req felds |
| --- | --- |
| If I need to enable ipv4/ipv6 or both | now does not exist |
| optionally the range for ipv4/ipv6 | only ipv4 but not explicitly
specified (`iprange`) |
- response:
| field I need | current felds |
| --- | --- |
| public key | does not exists |
- addVpnUser
- request:
| field I need | current felds |
| --- | --- |
| public key | exists username and password that are not needed |
- response:
| field I need | current felds |
| --- | --- |
| public key | exists username and password that are not needed |
| ip v4 or/and v6 to use for the peer | n.a. |
Also, right now the remote-access vpn is not tied to the vpn server, but it
seems like that all the vpn server made by a user have the same vpn_users. It
would be better for wg to have the user/peer tied to the server instead.
I think It would be possible to use the same APIs by adding some fields
(both in response and request) and a selector field for the vpn type (l2tp or
wireguard). It would also require also to change the params validation based on
the value of the vpn_type field. This would change the current APIs.
We thought that it would have been better to create new APIs, but if it is
preferred to change the current one instead we could try to propose a way to do
it that way.
Please let me know.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
