I am not sure how you are able to add the VPN user to a Static NAT IP. You should be adding it to the Source NAT IP. Was that just a typo or are you targeting the wrong IP address using the API or something like that?
There are known issues with the current VPN implementation (openswan). Basically, if you try to scp files over it or tail a log, it will drop your connection. You may want to try the code from my PR https://github.com/apache/cloudstack/pull/1741 if you have problems with the current implementation. That PR should make it into the next release... *Will STEVENS* Lead Developer <https://goo.gl/NYZ8KK> On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky < and...@arhont.com.invalid> wrote: > Hello > > Duplicating this from the users list. > > I am running ACS 4.9.0. > > I am having an issue with adding a VPN user to the VPC network. I've > enabled the VPN service on the static IP. The service was enabled and I > have the PSK shown to me. However, when I am adding a new user it fails > with the following error: > > 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl] > (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) > (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on > com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@ > 4465732c > 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl] > (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) > (logid:f76b2eae) Unable to apply vpn users > java.lang.IndexOutOfBoundsException: Index: 1, Size: 1 > at java.util.ArrayList.rangeCheck(ArrayList.java:635) > at java.util.ArrayList.get(ArrayList.java:411) > at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers( > RemoteAccessVpnManagerImpl.java:532) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection > (AopUtils.java:317) > at org.springframework.aop.framework.ReflectiveMethodInvocation. > invokeJoinpoint(ReflectiveMethodInvocation.java:183) > at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > ReflectiveMethodInvocation.java:150) > at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke( > ExposeInvocationInterceptor.java:91) > at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( > ReflectiveMethodInvocation.java:172) > at org.springframework.aop.framework.JdkDynamicAopProxy. > invoke(JdkDynamicAopProxy.java:204) > at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source) > at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute( > AddVpnUserCmd.java:122) > at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150) > at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java: > 108) > at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5. > runInContext(AsyncJobManagerImpl.java:554) > at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run( > ManagedContextRunnable.java:49) > at org.apache.cloudstack.managed.context.impl. > DefaultManagedContext$1.call(DefaultManagedContext.java:56) > at org.apache.cloudstack.managed.context.impl.DefaultManagedContext. > callWithContext(DefaultManagedContext.java:103) > at org.apache.cloudstack.managed.context.impl.DefaultManagedContext. > runWithContext(DefaultManagedContext.java:53) > at org.apache.cloudstack.managed.context.ManagedContextRunnable.run( > ManagedContextRunnable.java:46) > at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run( > AsyncJobManagerImpl.java:502) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) > at java.util.concurrent.FutureTask.run(FutureTask.java:262) > at java.util.concurrent.ThreadPoolExecutor.runWorker( > ThreadPoolExecutor.java:1145) > at java.util.concurrent.ThreadPoolExecutor$Worker.run( > ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:745) > 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl] > (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) > (logid:f76b2eae) Applying vpn access to VirtualRouter > 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl] > (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) > (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45 > 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] > (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete > async job-31537, jobStatus: FAILED, resultCode: 530, result: > org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[]," > errorcode":530,"errortext":"Failed to add vpn user"} > > Please advise how to get this problem fixed and have a working VPN service? > > Thanks > > Andrei >
