Logic makes sense I agree, but I'm not aware of the cause of this behaviour, It's simply at the moment how it works - you can isseu Jira ticket to improve this I guess...
On 10 September 2015 at 14:29, Jeremy Peterson <[email protected]> wrote: > Why does internet stop working? > > Shouldn't all traffic route to the VR and use the VR's public interface > for network connectivity? > > Jeremy > > -----Original Message----- > From: Andrija Panic [mailto:[email protected]] > Sent: Thursday, September 10, 2015 7:25 AM > To: [email protected] > Subject: Re: VPC VPN Connectivity Issues > > ok, I also do that, route all traffic over VPN, but in that case, you need > to know Internet stops working on your laptop :) not nice, but good > security :) > > On 10 September 2015 at 14:15, Jeremy Peterson <[email protected]> > wrote: > > > I first thought of that but he doesn't know root and cannot sudo to > > add routes. > > > > That's why I changed it to a full tunnel pushing all traffic over the > VPN. > > > > Jeremy > > > > -----Original Message----- > > From: Sam Ceylani [mailto:[email protected]] > > Sent: Wednesday, September 9, 2015 6:52 PM > > To: <[email protected]> <[email protected]> > > Subject: Re: VPC VPN Connectivity Issues > > > > on windows -- vpn client automatically adds route for your vpc > > network, check route -n on mac from terminal to see route is there and > > add manually if required... > > > > Sent from my iPhone > > > > > On Sep 9, 2015, at 7:47 PM, Jeremy Peterson <[email protected]> > > wrote: > > > > > > So I'm still looking into this has anyone ever tried this? > > > > > > Do you have anyone I can talk to? > > > > > > I've been asking since 8.29.2015 > > > > > > I guess the issue is on a Mac since my VPN network is 10.1.2.0/24 > > > and > > my VPC network is 192.168.2.0/24 he cannot connect. > > > I tested it out on windows 8, 7, 10, 8.1 all work as expected. > > > > > > I don't have a Mac I can test with so I was hoping someone here > > > would > > have any advise. > > > > > > Jeremy > > > > > > -----Original Message----- > > > From: Jeremy Peterson [mailto:[email protected]] > > > Sent: Tuesday, September 8, 2015 8:12 AM > > > To: [email protected] > > > Subject: RE: VPC VPN Connectivity Issues > > > > > > No my issue is not resolved I've been reaching out to the IRC > > > channel > > and have not received notification of anyone knowing what my issue could > be. > > > > > > It would be great to get some traction this week on the issue. I > > > keep > > having to open ACL for public access to the servers as this user is > > unable to get to the server via VPN. > > > > > > Jeremy > > > > > > -----Original Message----- > > > From: Remi Bergsma [mailto:[email protected]] > > > Sent: Saturday, September 5, 2015 10:11 AM > > > To: <[email protected]> <[email protected]> > > > Subject: Re: VPC VPN Connectivity Issues > > > > > > Hi Jeremy, > > > > > > Did you already solve your problem? > > > > > > Not sure if it is possible to use the IPSec tunnels from remote VPN. > > Firewall might be too strict, but haven't looked yet. > > > > > > Regards, Remi > > > > > > Sent from my iPhone > > > > > >> On 29 Aug 2015, at 17:00, Jeremy Peterson <[email protected]> > > wrote: > > >> > > >> I am not sure if this was asked or answered but googling has led me > > >> no > > where. > > >> > > >> > > >> I am running cloudstack 4.5.0, XenServer 6.5, Advanced networking > > >> w/ > > VLAN segmentation. > > >> > > >> > > >> I have a VPC setup which i am using a IPSec tunnel back to a zywall > > firewall and a monowall firewall. > > >> > > >> > > >> Monowall Cloustack VPC zywall > > >> > > >> 192.168.1.0/24 192.168.2.0/24 192.168.71.0/24 > > >> > > >> > > >> Tunnels are setup in vpc for both locations and servers in > > >> cloudstack > > can connect to the world and connect to the monowall and zywall networks. > > >> > > >> > > >> Everything is fine with that but when I have a remote user that > > >> needs > > to VPN into the cloudstack VPC is where i am thrown into a whirlwind > > of questions. > > >> > > >> > > >> I setup a VPN connection on the VR for the VPC. > > >> > > >> I setup username/password. > > >> > > >> > > >> The user sets up the connection on his Mac OSX and using split > > >> tunnel > > can connect to the VPN. > > >> > > >> > > >> My VPN network is 10.1.2.0/24 > > >> > > >> > > >> He receives a 10.1.2.3 ip address. > > >> > > >> > > >> He is unable to ping the IPSec Tunnel gateways 192.168.1.1 and > > 192.168.71.1. > > >> > > >> > > >> He can get to the world as his default gateway is his router. > > >> > > >> > > >> I switched to push all traffic over the VPN to remove the split > tunnel. > > >> > > >> > > >> He is able to ping the 10.1.2.1 gateway on the VR > > >> > > >> > > >> He is able to ping his gateway the VPC router 10.1.2.1. > > >> > > >> > > >> He is able to ping the VPC network's gateway 192.168.2.1 > > >> > > >> He is unable to get to the world. I try to ping google dns 8.8.8.8 > > >> and > > it doesnt' get past the VR 10.1.2.1 in traceroutes. > > >> > > >> I am looking for help on this as i'm confused. If I change him > > >> back to > > a split tunnel as that would be prefered why is the tunnel not > > annoucing all networks know to the VR. > > >> > > >> I was able to recreate this issue on windows 8.1. > > >> > > >> ?Jeremy > > > > > > -- > > Andrija Panić > -- Andrija Panić
