I'm working on a site-to-site connection from my VPC to my on-prem OPNsense
VPN.


CloudStack Version 4.19.0
OPNsense Version 23.4.2

I have two P2 selectors set up in OPNsense, and I've got a VPN customer
gateway set up with two subnets (192.168.251.0/26,172.16.192.0/20) in
CloudStack.

The issue I'm running into is that only the first address in my VPN customer
gateway gets added to the SAD. So, in the above example, since
192.168.251.0/26 is first, I can pass traffic to and from the VPC to that
subnet on-prem. However, 172.16.192.0/20 is not added.

I checked the logs on my VPC VR and found the following.


Feb 18 06:11:56 r-407-VM charon: 07[CFG] unable to install policy 172.16.192.0/20 === 10.241.0.0/16 in for reqid 3, the same policy for reqid 5 exists
Feb 18 06:11:56 r-407-VM charon: 07[CFG] unable to install policy 172.16.192.0/20 === 10.241.0.0/16 fwd for reqid 3, the same policy for reqid 5 exists
Feb 18 06:11:56 r-407-VM charon: 07[CFG] unable to install policy 10.241.0.0/16 === 172.16.192.0/20 out for reqid 3, the same policy for reqid 5 exists


Wondering if I'm just formatting my VPN customer gateway CIDRs wrong?


Thanks!
Wally
