You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am experiencing an issue with the VPN Client to Site functionality. I am using the DrayTek Smart VPN Client to connect to the VPN, and the connection is successful. I receive an IP address (10.1.9.2) for the VPN interface on my PC, and I can ping to 10.1.9.1 successfully. There are two scenarios:
If I enable "Use default gateway on remote network," I can ping the VMs in the VPC, but I lose internet connection from my PC.
If I disable "Use default gateway on remote network," I cannot ping the VMs in the VPC, but the internet connection on my PC remains operational.
I also attempted to set up a VPN connection on Windows, and the result is the same as case 1 when using the DrayTek VPN app.
STEPS TO REPRODUCE
Create a non-redundant VPC.
Create a network tier.
Create a VM in the network tier (ACL default_allow).
Enable VPN site-to-site gateway.
Create an S2S VPN connection.
Enable VPN client-to-site on IP source NAT.
Create a user for the VPN.
Connect to the VPN using two methods: DrayTek App and VPN connection in Windows.
EXPECTED RESULTS
If I disable "Use default gateway on remote network," I should be able to ping the VMs in the VPC, and the internet connection on my PC should still work.
I am unsure how to check or verify this from any source. Please provide assistance; thanks for any ideas!
The text was updated successfully, but these errors were encountered:
I have discovered a new clue.
The steps to reproduce is the same, but for VPC with a CIDR of 192.168.0.0/16 or 172.16.0.0/16, the VPN C2S does not work. On the contrary, for VPCs with a CIDR of 10.x.0.0/16, it is okay. The issue seems to be related to CIDR, but currently, I cannot change CIDR for the already created VPC as it is in use. Is there any way for the VPN C2S to still function with the CIDR 192.168.0.0/16 as it is currently?
@tuanhoangth1603 , you would have to set a route for the VPC subnet in your local machine.
As of now updateing the CIDR of a VPC is not allowed because multiple tiers might be using it.
I have discovered a new clue. The steps to reproduce is the same, but for VPC with a CIDR of 192.168.0.0/16 or 172.16.0.0/16, the VPN C2S does not work. On the contrary, for VPCs with a CIDR of 10.x.0.0/16, it is okay. The issue seems to be related to CIDR, but currently, I cannot change CIDR for the already created VPC as it is in use. Is there any way for the VPN C2S to still function with the CIDR 192.168.0.0/16 as it is currently?
so, it seems the issue is because your IP (192.168.75.1) is in the VPC CIDR (192.168.0.0/16).
There is no API to update CIDR of existing VPC, as @DaanHoogland mentioned.
You can try to update CIDR by manual database change to a smaller CIDR (for example 192.168.0.0/20, or /22), and restart VPC with cleanup.
I have not tested it, maybe some other changes are required.
CLOUDSTACK VERSION
4.17.2.0
SUMMARY
I am experiencing an issue with the VPN Client to Site functionality. I am using the DrayTek Smart VPN Client to connect to the VPN, and the connection is successful. I receive an IP address (10.1.9.2) for the VPN interface on my PC, and I can ping to 10.1.9.1 successfully. There are two scenarios:
I also attempted to set up a VPN connection on Windows, and the result is the same as case 1 when using the DrayTek VPN app.
STEPS TO REPRODUCE
EXPECTED RESULTS
If I disable "Use default gateway on remote network," I should be able to ping the VMs in the VPC, and the internet connection on my PC should still work.
I am unsure how to check or verify this from any source. Please provide assistance; thanks for any ideas!
The text was updated successfully, but these errors were encountered: