Hi Nux, Could it be your cloudstack version ? modp3072 is recent I think in CloudStack so if you run a older version maybe it's not there?
On Tue, Nov 21, 2017 at 6:55 PM, Nux! <n...@li.nux.ro> wrote: > Thanks Chiradeep, > > Checked but brain says no. What should I have learned from there? > > AFAIK this is a terraform fail. > > Lucian > > -- > Sent from the Delta quadrant using Borg technology! > > Nux! > www.nux.ro > > ----- Original Message ----- > > From: "Chiradeep Vittal" <chirade...@gmail.com> > > To: "dev" <dev@cloudstack.apache.org> > > Sent: Tuesday, 21 November, 2017 19:14:16 > > Subject: Re: Fail with vpn customer gateway creation through terraform > > > Check > > https://github.com/apache/cloudstack/blob/77864992fe8f80dbabd1240f6373d2 > ba3e98713c/utils/src/main/java/com/cloud/utils/net/NetUtils.java#L1221 > > > > On Tue, Nov 21, 2017 at 10:11 AM, Nux! <n...@li.nux.ro> wrote: > > > >> Hi, > >> > >> I'm trying out terraform and had success so far, except for the vpn > >> customer gateway feature. > >> For some reason, terraform fails to create it, though I use the same > >> options as in UI/cloudmonkey where it works just fine. > >> > >> The snippet for it is: > >> > >> resource "cloudstack_vpn_customer_gateway" "default" { > >> name = "test-vpc" > >> cidr = "10.0.0.0/24" > >> esp_policy = "aes256-sha1" > >> gateway = "1.2.3.4" > >> ike_policy = "sha1-aes256;modp3072" > >> ipsec_psk = "terraformxyz7" > >> } > >> > >> It always complains about the ike_policy: > >> * cloudstack_vpn_customer_gateway.default: Error creating VPN Customer > >> Gateway test-vpc: Undefined error: {"errorcode":431,"errortext":"The > >> customer gateway IKE policy sha1-aes256;modp3072 is invalid! Verify the > >> required Diffie Hellman (DH) group is specified."} > >> > >> I tried all sorts of ways to write the ike_policy, escaped, web > >> encoded/decoded, nothing worked. What am I missing? > >> The example terraform docs provide suffers the same fate. > >> > >> Lucian > >> > >> -- > >> Sent from the Delta quadrant using Borg technology! > >> > >> Nux! > >> www.nux.ro >
