[strongSwan] AWS VPC VPN HA Connections
Noel Kuntze
noel at familie-kuntze.de
Mon Apr 24 01:50:33 CEST 2017
Hello Dave,
It's not possible to configure this natively with policy based IPsec.
Kind regards,
Noel
Am 23.04.2017 um 13:00 schrieb Dave Smith:
> hi all,
>
> I've got connectivity working fine from the multiple guides around for connecting strongswan to AWS VPC VPN service. However as far I can see all these guides revolve connecting to only one of the AZ. As you may know the config from AWS supports HA (2Avail Zone).
>
> When connecting up the second availability zone (such that they have different rightip, but same rightsubnet) 100% packet loss occurs. I assume this is related to a routing issue, but struggling to determine how this should be configured when not using BGP (as in this case it's undesirable)
>
> System being used is latest RHEL7.3 and strongswan 5.4.0
>
> thanks in advance.
---
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170424/6de3ae8d/attachment.sig>
More information about the Users
mailing list