[GitHub] JnSchl commented on issue #3138: StrongSwan with several rightsubnet's - ikev1
JnSchl commented on issue #3138: StrongSwan with several rightsubnet's - ikev1 URL: https://github.com/apache/cloudstack/issues/3138#issuecomment-467396551 Maybe these links/info can help fixing or identifying this problem: - [[strongSwan] multiple traffic selectors per child_sa](https://lists.strongswan.org/pipermail/users/2018-October/013048.html) - [Cisco Bug: CSCue42170 - IKEv2: Support Multi Selector under the same child SA](https://quickview.cloudapps.cisco.com/quickview/bug/CSCue42170) - [CSCue42170 - IKEv2 Support Multi Selector under the same child SA](https://quickview.cloudapps.cisco.com/quickview/bug/CSCue42170) These links are related to Cisco ASA and IOS models only. We encountered this issue with other firewalls and vendors too (for example: MikroTik, SecurePoint, Barracuda). This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] JnSchl commented on issue #3138: StrongSwan with several rightsubnet's - ikev1
JnSchl commented on issue #3138: StrongSwan with several rightsubnet's - ikev1 URL: https://github.com/apache/cloudstack/issues/3138#issuecomment-467362453 Well unfortunately, it seems that we have more problems with this issue. As soon as we update the virtual router to 4.11.2.0 multiple subnets stop working (everything worked before). We run XenServer 6.0 with all latest patches. The virtual routers run as HVM - before PV. We upgraded from 4.10.0.0, CS Management Server currently runs on CentOS 7.6.1810. So far, we did not find a way to get the affected customer gateways / VPNs up and running again. We currently migrated the affected VPCs to dedicated L2 networks like written before. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] JnSchl commented on issue #3138: StrongSwan with several rightsubnet's - ikev1
JnSchl commented on issue #3138: StrongSwan with several rightsubnet's - ikev1 URL: https://github.com/apache/cloudstack/issues/3138#issuecomment-463206611 Hi, we encounter the same issues mainly with IKEv2. So far, we did not test changing the configuration manually – we migrated the affected networks to L2 networks with dedicated virtual routers which are managed outside of CloudStack. This is not a solution. Please let us know if we can help somehow. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
