StrongSwan ipsec.conf template is incomplete
Bug #1456336 reported by
Tobias
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Fix Released
|
Undecided
|
Yi Jing Zhu | ||
Bug Description
After switching from openswan to strongswan our VPN services were not working anymore.
I figured out that the strongswan ipsec.conf template is incomplete. Attributes like IKE and IPSEC Policy were missing.
After modification of the template everything is working again. I attached my fixed template. Comments do not work for strongswan, so the template has no comments. Sorry for that.
Revision history for this message
| Tobias (tobik) wrote | #1 |
Revision history for this message
| Tobias (tobik) wrote | #2 |
Revision history for this message
| Yi Jing Zhu (nick-zhuyj) wrote | #3 |
| Changed in neutron: | |
| assignee: | nobody → Yi Jing Zhu (nick-zhuyj) |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to neutron-vpnaas (master) | #4 |
| Changed in neutron: | |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to neutron-vpnaas (master) | #5 |
| Changed in neutron: | |
| status: | In Progress → Fix Released |
Revision history for this message
| Doug Hellmann (doug-hellmann) wrote Fix included in openstack/neutron-vpnaas 9.0.0.0b1 | #6 |
To post a comment you must log in.
Had to add "rightallowany=yes" to the template as dynamic ipsec site to site connections did not come up after ip change of the peer anymore.