etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloudstack/systemvm/debian/opt/cloud/bin
History
Daniel Augusto Veronezi Salvador cf32f77e3d
systemvm: Fix C2S VPN in parallel to S2S VPN (#6907) 
PR #5375, introduced in version 4.15.2.0, removed parameter %any of VPNs client-to-site (C2S) IPSec secrets:

structure before PR vr: ipsec/l2tp vpn secret with no ID selectors #5375:
<IP> %any : PSK "<PSK>"
structure after PR vr: ipsec/l2tp vpn secret with no ID selectors #5375:
<IP> : PSK "<PSK>"
Because of that, when a VPN site-so-site (S2S) is created in parallel to a VPN C2S in the same network, the C2S will not handle any IP (%any) anymore and, as the network is being tunneled to the other VPN, the connection will be handled by the final peer. This way, when a VPN S2S is created in parallel to a VPN C2S in the same network, it is only possible to connect to the C2S with the S2S PSK.

As ACS is only able to implement a single C2S per network (ACS allows setting more than one IP of the network as VPN, however, only the first will be implemented) and every S2S has its own secret file, the secrets structure of C2S was changed to contain only the PSK:

: PSK "<PSK>"
By doing that, StrongSwan will handle correctly C2S connections from any IP and still will use the correct PSK for S2S.

Co-authored-by: GutoVeronezi <daniel@scclouds.com.br>
 		2022-11-30 18:29:05 +05:30
..
cs systemvm: setup radvd correctly (#6343) 2022-05-03 17:53:32 -03:00
setup systemvm,vr: disable radvd for non-applicable VRs (#6706) 2022-09-07 13:42:57 +05:30
baremetal-vr.py systemvmtemplate: bump to Debian 11.0.0 systemvmtemplate (#5317) 2021-08-18 16:47:08 +05:30
baremetal_snat.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
bumpup_priority.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
checkbatchs2svpn.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
checkrouter.sh network: ipv6 static routes (#5786) 2022-04-25 22:51:32 -03:00
checks2svpn.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
cleanup.sh Get Diagnostics: Download logs and diagnostics data from SSVM, CPVM, Router (#3350) 2020-01-15 11:38:33 +01:00
cloud-nic.sh router: Fixes #2789 fix proper mark based packet routing across interfaces (#2791) 2018-08-08 12:05:42 +05:30
configure.py systemvm: Fix C2S VPN in parallel to S2S VPN (#6907) 2022-11-30 18:29:05 +05:30
configure_router.py cloudstack: make code more inclusive 2021-06-08 15:47:20 +05:30
cs_cmdline.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_dhcp.py vr: remove old ips with same mac address in dhcpentry databag (#5059) 2021-06-01 20:57:26 +05:30
cs_firewallrules.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_forwardingrules.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_guestnetwork.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_ip.py router: Fixes #2719 program VR nics by device id order for VPC (#2888) 2018-10-10 15:20:36 +05:30
cs_loadbalancer.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_monitorservice.py Health check feature for virtual router (#3575) 2020-01-30 12:39:03 +01:00
cs_network_acl.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_remoteaccessvpn.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_site2sitevpn.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_staticroutes.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_vmdata.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_vmp.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
cs_vpnusers.py CLOUDSTACK-10013: Fixes based on code review and test failures 2017-12-23 17:51:42 +05:30
diagnostics.py network: ipv6 static routes (#5786) 2022-04-25 22:51:32 -03:00
dnsmasq.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
edithosts.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
filesystem_writable_check.py storage: New Dell EMC PowerFlex Plugin (formerly ScaleIO, VxFlexOS) (#4304) 2021-02-24 14:58:33 +05:30
getRouterAlerts.sh cloudstack: add JDK11 support (#3601) 2020-02-12 12:58:25 +05:30
getRouterMonitorResults.sh Health check feature for virtual router (#3575) 2020-01-30 12:39:03 +01:00
get_diagnostics_files.py Get Diagnostics: Download logs and diagnostics data from SSVM, CPVM, Router (#3350) 2020-01-15 11:38:33 +01:00
get_template_version.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
ilb.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
ipassoc.sh cloudstack: make code more inclusive 2021-06-08 15:47:20 +05:30
ipsectunnel.sh server: Adding VPN options for IKE version and IKE split connections (#4953) 2021-05-05 12:54:23 +05:30
line_edit.py Fix Python code checkstyle execute by "systemvm\test\runtests.sh" (#2576) 2018-04-18 13:07:37 -03:00
loadbalancer.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
merge.py network: ipv6 static routes (#5786) 2022-04-25 22:51:32 -03:00
monitor_service.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
netusage.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
passwd_server_ip.py router: Set up metadata/password/dhcp server on gateway IP instead of guest IP in RVR (#3477) 2020-01-28 10:35:59 +05:30
patched.sh SystemVM optimizations (#5831) 2022-04-21 13:40:19 -03:00
prepare_pxe.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
savepassword.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
set_redundant.py CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
update_config.py VR: fix logging is not working and logs are not appended to /var/log/cloud.log (#4466) 2020-11-20 10:40:02 +00:00
vmdata.py Fix Python code checkstyle execute by "systemvm\test\runtests.sh" (#2576) 2018-04-18 13:07:37 -03:00
vpc_func.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
vpc_netusage.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
vpc_snat.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
vpc_staticroute.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
vpn_l2tp.sh CLOUDSTACK-10013: SystemVM codebase refactorings and improvements 2017-12-23 09:22:44 +05:30
vr_cfg.sh systemvm: loop optimisation in bash (#4451) 2021-02-18 18:18:16 +05:30