Github user rhtyd commented on the pull request:
https://github.com/apache/cloudstack/pull/872#issuecomment-217344487
@jayapalu I spent several hours testing this PR, my conclusion is that it
cannot be used for production usage yet and need more tweaking;
- We should consider installing strongswan to 5.x using wheezy-backports,
while building template, we can do: `apt-get -t wheezy-backports install
strongswan`
- NAT-ed clients need to be supported (those clients which are not on a
public IP but behind a NAT), I tested with Windows 10, OSX's default L2TP
client, Android's L2TP client -- all of them failed for me. Ubuntu 16.04 has
issues with strongswan NetworkManager integration so I could not test using
that. I would expect the VPN replacement to allow users to use all of these
clients/OSs in both NAT-ed, double NAT-ed and non NAT-ed cases. Our test cases
should cover VPN access usage from clients on: Windows 10/8/7, OSX and Linux
(NetworkManager with l2tp or strongswan-nm), and optionally for Android and iOS
phone l2tp clients.
- I tried to fix the NAT issues, but I could not figure the configs out
- I could not test site to site VPN or VPN customer gateway features
:-1:
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
