Re: [Openstack] Site to Site VPN in openstack
Openstack VPN is policy based, each remote network must have a policy. It is not a routed VPN tunnel like most devices. From: "Jaison Peter" <urotr...@gmail.com> To: "OpenStack General" <openstack@lists.openstack.org>, jw...@rockplace.co.kr Sent: Wednesday, September 21, 2016 1:47:25 AM Subject: Re: [Openstack] Site to Site VPN in openstack Thanks for your reply Han, That means, if we have 10.0.0.0 network in premises and 192.168.0.0 network in remote openstack private cloud, and if we need to set a site to site VPN with routes on the VPN endpoints so that both networks can communicate each other, then this case won't work if the on premises's VPN endpoint is a hardware device like ASA? On Tue, Sep 20, 2016 at 11:39 AM, Jaison Peter < urotr...@gmail.com > wrote: Hello all, I was checking if anything prevents us from establishing a site to site VPN from openstack private cloud to a on site hardware device like Cisco ASA. I knew that its possible to setup a site to site VPN between two openstack clouds using VPNaaS, but I am not sure about openstack to hardware device scenario. Please advice. ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Site to Site VPN in openstack
Thanks for your reply Han, That means, if we have 10.0.0.0 network in premises and 192.168.0.0 network in remote openstack private cloud, and if we need to set a site to site VPN with routes on the VPN endpoints so that both networks can communicate each other, then this case won't work if the on premises's VPN endpoint is a hardware device like ASA? On Tue, Sep 20, 2016 at 11:39 AM, Jaison Peterwrote: > Hello all, > > > I was checking if anything prevents us from establishing a site to site > VPN from openstack private cloud to a on site hardware device like Cisco > ASA. I knew that its possible to setup a site to site VPN between two > openstack clouds using VPNaaS, but I am not sure about openstack to > hardware device scenario. Please advice. > ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Site to Site VPN in openstack
There will not be a problem when you setup a vpn with standard IPSec Tunnel to a hardware device. One thing you should consider is that if it is required to exchange routing information through tunnel. In that case you need to setup a software router and forwarding table setup in the VPN endpoint. 2016년 09월 20일 15:09에 Jaison Peter 이(가) 쓴 글: Hello all, I was checking if anything prevents us from establishing a site to site VPN from openstack private cloud to a on site hardware device like Cisco ASA. I knew that its possible to setup a site to site VPN between two openstack clouds using VPNaaS, but I am not sure about openstack to hardware device scenario. Please advice. ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack