Why does internet stop working? Shouldn't all traffic route to the VR and use the VR's public interface for network connectivity?
Jeremy -----Original Message----- From: Andrija Panic [mailto:[email protected]] Sent: Thursday, September 10, 2015 7:25 AM To: [email protected] Subject: Re: VPC VPN Connectivity Issues ok, I also do that, route all traffic over VPN, but in that case, you need to know Internet stops working on your laptop :) not nice, but good security :) On 10 September 2015 at 14:15, Jeremy Peterson <[email protected]> wrote: > I first thought of that but he doesn't know root and cannot sudo to > add routes. > > That's why I changed it to a full tunnel pushing all traffic over the VPN. > > Jeremy > > -----Original Message----- > From: Sam Ceylani [mailto:[email protected]] > Sent: Wednesday, September 9, 2015 6:52 PM > To: <[email protected]> <[email protected]> > Subject: Re: VPC VPN Connectivity Issues > > on windows -- vpn client automatically adds route for your vpc > network, check route -n on mac from terminal to see route is there and > add manually if required... > > Sent from my iPhone > > > On Sep 9, 2015, at 7:47 PM, Jeremy Peterson <[email protected]> > wrote: > > > > So I'm still looking into this has anyone ever tried this? > > > > Do you have anyone I can talk to? > > > > I've been asking since 8.29.2015 > > > > I guess the issue is on a Mac since my VPN network is 10.1.2.0/24 > > and > my VPC network is 192.168.2.0/24 he cannot connect. > > I tested it out on windows 8, 7, 10, 8.1 all work as expected. > > > > I don't have a Mac I can test with so I was hoping someone here > > would > have any advise. > > > > Jeremy > > > > -----Original Message----- > > From: Jeremy Peterson [mailto:[email protected]] > > Sent: Tuesday, September 8, 2015 8:12 AM > > To: [email protected] > > Subject: RE: VPC VPN Connectivity Issues > > > > No my issue is not resolved I've been reaching out to the IRC > > channel > and have not received notification of anyone knowing what my issue could be. > > > > It would be great to get some traction this week on the issue. I > > keep > having to open ACL for public access to the servers as this user is > unable to get to the server via VPN. > > > > Jeremy > > > > -----Original Message----- > > From: Remi Bergsma [mailto:[email protected]] > > Sent: Saturday, September 5, 2015 10:11 AM > > To: <[email protected]> <[email protected]> > > Subject: Re: VPC VPN Connectivity Issues > > > > Hi Jeremy, > > > > Did you already solve your problem? > > > > Not sure if it is possible to use the IPSec tunnels from remote VPN. > Firewall might be too strict, but haven't looked yet. > > > > Regards, Remi > > > > Sent from my iPhone > > > >> On 29 Aug 2015, at 17:00, Jeremy Peterson <[email protected]> > wrote: > >> > >> I am not sure if this was asked or answered but googling has led me > >> no > where. > >> > >> > >> I am running cloudstack 4.5.0, XenServer 6.5, Advanced networking > >> w/ > VLAN segmentation. > >> > >> > >> I have a VPC setup which i am using a IPSec tunnel back to a zywall > firewall and a monowall firewall. > >> > >> > >> Monowall Cloustack VPC zywall > >> > >> 192.168.1.0/24 192.168.2.0/24 192.168.71.0/24 > >> > >> > >> Tunnels are setup in vpc for both locations and servers in > >> cloudstack > can connect to the world and connect to the monowall and zywall networks. > >> > >> > >> Everything is fine with that but when I have a remote user that > >> needs > to VPN into the cloudstack VPC is where i am thrown into a whirlwind > of questions. > >> > >> > >> I setup a VPN connection on the VR for the VPC. > >> > >> I setup username/password. > >> > >> > >> The user sets up the connection on his Mac OSX and using split > >> tunnel > can connect to the VPN. > >> > >> > >> My VPN network is 10.1.2.0/24 > >> > >> > >> He receives a 10.1.2.3 ip address. > >> > >> > >> He is unable to ping the IPSec Tunnel gateways 192.168.1.1 and > 192.168.71.1. > >> > >> > >> He can get to the world as his default gateway is his router. > >> > >> > >> I switched to push all traffic over the VPN to remove the split tunnel. > >> > >> > >> He is able to ping the 10.1.2.1 gateway on the VR > >> > >> > >> He is able to ping his gateway the VPC router 10.1.2.1. > >> > >> > >> He is able to ping the VPC network's gateway 192.168.2.1 > >> > >> He is unable to get to the world. I try to ping google dns 8.8.8.8 > >> and > it doesnt' get past the VR 10.1.2.1 in traceroutes. > >> > >> I am looking for help on this as i'm confused. If I change him > >> back to > a split tunnel as that would be prefered why is the tunnel not > annoucing all networks know to the VR. > >> > >> I was able to recreate this issue on windows 8.1. > >> > >> ?Jeremy > -- Andrija Panić
