Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 27 replies
  • Subscribers 2 subscribers
  • Views 79306 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issues with IPSec site-to-site to ASG behind/ in front of NAT

coewar
There is a problem with the AMI. When creating an IPsec site-to-site VPN connection, it's assuming to use the Internal NIC's private IP which is wrong. And hence the opposite router has errors like this:

 we require peer to have ID 'xx.xx.xx.xx', but
peer declares '10.243.45.92'

where 'xx.xx.xx.xx' is the public IP of the Astaro.

I have tested also by creating 2 Astaro EC2 instances and they can't VPN to each other.

So then I also tried adding my own IP alias to the Internal NIC, and I can't! It complains saying that it's write-protected.

I assume these things will be fixed?


This thread was automatically locked due to age.
Parents
  • 0
    Thanks again for documenting so thoroughly and contributing here - I hope you submit this as a feature request, as that's the "official" way to get things like this seen by Astaro.

    I believe the -defaults files are a part of the Configuration Backup, and, as such should not be overwritten by any Up2Dates, so you should be able to retain your changes.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Thanks again for documenting so thoroughly and contributing here - I hope you submit this as a feature request, as that's the "official" way to get things like this seen by Astaro.

    I believe the -defaults files are a part of the Configuration Backup, and, as such should not be overwritten by any Up2Dates, so you should be able to retain your changes.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML