Hi Rodolfo Alonso,
Sorry for not listing all the steps, I followed https://docs.openstack.org/neutron/yoga/admin/vpnaas-scenario.html#configure-vpnaas-without-endpoint-group-the-legacy-way:
Step 1: Create Subnetpool $ openstack subnet pool create --pool-prefix 10.157.0.0/16 --share subnetpool1
Step 2: Create network: $ openstack network create --share network1
Step 3: Create subnet $ openstack subnet create --network network1 --subnet-pool subnetpool1 --prefix-length 24 subnet1
Step 4: Create router $ openstack router create router2
Step 5: Add subnet to router $ openstack router add subnet router2 subnet1
Step 6: Add gateway to router (external network already created by Horizon) $ openstack router set --external-gateway external_1 router2
Step 7: Create IKE Policy $ openstack vpn ike policy create ikepolicy1
Step 8: Create IPSec Policy $ openstack vpn ipsec policy create ipsecpolicy1
Step 9: Create VPN Service $ openstack vpn service create --subnet subnet1 --router router2 vpnservice1
Step 10: Create IPSec site connection: $ openstack vpn ipsec site connection create conn \ > --vpnservice vpnservice1 \ > --ikepolicy ikepolicy1 \ > --ipsecpolicy ipsecpolicy1 \ > --peer-address 192.168.20.11 \ > --peer-id 192.168.20.11 \ > --peer-cidr 192.168.1.0/24 \ > --psk secret
All to be created, however, the IPSec site connection always maintains pending create state and there are error logs as above that I described.
Best Regards.
Hi Rodolfo Alonso,
Sorry for not listing all the steps, I followed https:/ /docs.openstack .org/neutron/ yoga/admin/ vpnaas- scenario. html#configure- vpnaas- without- endpoint- group-the- legacy- way:
Step 1: Create Subnetpool
$ openstack subnet pool create --pool-prefix 10.157.0.0/16 --share subnetpool1
Step 2: Create network:
$ openstack network create --share network1
Step 3: Create subnet
$ openstack subnet create --network network1 --subnet-pool subnetpool1 --prefix-length 24 subnet1
Step 4: Create router
$ openstack router create router2
Step 5: Add subnet to router
$ openstack router add subnet router2 subnet1
Step 6: Add gateway to router (external network already created by Horizon)
$ openstack router set --external-gateway external_1 router2
Step 7: Create IKE Policy
$ openstack vpn ike policy create ikepolicy1
Step 8: Create IPSec Policy
$ openstack vpn ipsec policy create ipsecpolicy1
Step 9: Create VPN Service
$ openstack vpn service create --subnet subnet1 --router router2 vpnservice1
Step 10: Create IPSec site connection:
$ openstack vpn ipsec site connection create conn \
> --vpnservice vpnservice1 \
> --ikepolicy ikepolicy1 \
> --ipsecpolicy ipsecpolicy1 \
> --peer-address 192.168.20.11 \
> --peer-id 192.168.20.11 \
> --peer-cidr 192.168.1.0/24 \
> --psk secret
All to be created, however, the IPSec site connection always maintains pending create state and there are error logs as above that I described.
Best Regards.