The remote access VPN can not connected

[xuanyuanaosheng]

ISSUE TYPE

• Bug Report

COMPONENT NAME

• VPN

CLOUDSTACK VERSION

• CloudStack 4.17.2.0

CONFIGURATION

Using a VPC-102, The public address is 10.26.20.64

OS / ENVIRONMENT

OS: oracle linux8

SUMMARY

I use the https://docs.cloudstack.apache.org/en/latest/adminguide/networking/using_remote_access.html#microsoft-windows-8 as a direct.

STEPS TO REPRODUCE

1. Create remote access VPN
2. connect using the windows 10 (https://docs.cloudstack.apache.org/en/latest/adminguide/networking/using_remote_access.html#microsoft-windows-8)

EXPECTED RESULTS

can connect the remote access VPN

ACTUAL RESULTS

can not connect remote access VPN

The windows 10 vpn client error is

The cloudstack manager log error is :

2023-02-23 17:26:26,767 DEBUG [c.c.a.ApiServer] (qtp555273695-23:ctx-50335df0 ctx-c4f50adb) (logid:12aebde2) CIDRs from which account 'Acct[86761a89-6cab-11ed-
b904-69f592fc371d-admin] -- Account {"id": 2, "name": "admin", "uuid": "86761a89-6cab-11ed-b904-69f592fc371d"}' is allowed to perform API calls: 0.0.0.0/0,::/0
2023-02-23 17:26:26,778 DEBUG [c.c.a.ApiServlet] (qtp555273695-23:ctx-50335df0 ctx-c4f50adb) (logid:12aebde2) ===END===  10.64.94.43 -- GET  jobId=c66ab6d8-74f
3-42fa-8255-cb855393ce24&command=queryAsyncJobResult&response=json
2023-02-23 17:26:26,855 DEBUG [c.c.a.ApiServlet] (qtp555273695-14:ctx-0d37275c) (logid:049edc7e) ===START===  10.64.94.43 -- GET  listall=true&tab=vpn&id=7b77a
8ca-e989-48e0-a4ff-14b1ecee9d25&allocatedonly=false&page=1&pagesize=20&command=listPublicIpAddresses&response=json
2023-02-23 17:26:26,860 DEBUG [c.c.a.ApiServer] (qtp555273695-14:ctx-0d37275c ctx-3386c022) (logid:049edc7e) CIDRs from which account 'Acct[86761a89-6cab-11ed-
b904-69f592fc371d-admin] -- Account {"id": 2, "name": "admin", "uuid": "86761a89-6cab-11ed-b904-69f592fc371d"}' is allowed to perform API calls: 0.0.0.0/0,::/0
2023-02-23 17:26:26,863 DEBUG [c.c.a.ApiServlet] (qtp555273695-17:ctx-5439e3ce) (logid:8e9ca2d8) ===START===  10.64.94.43 -- GET  publicipid=7b77a8ca-e989-48e0
-a4ff-14b1ecee9d25&listAll=true&command=listRemoteAccessVpns&response=json
2023-02-23 17:26:26,865 WARN  [c.c.a.d.ParamGenericValidationWorker] (qtp555273695-14:ctx-0d37275c ctx-3386c022) (logid:049edc7e) Received unknown parameters for command listPublicIpAddresses. Unknown parameters : tab
2023-02-23 17:26:26,868 DEBUG [c.c.a.ApiServer] (qtp555273695-17:ctx-5439e3ce ctx-4a866503) (logid:8e9ca2d8) CIDRs from which account 'Acct[86761a89-6cab-11ed-b904-69f592fc371d-admin] -- Account {"id": 2, "name": "admin", "uuid": "86761a89-6cab-11ed-b904-69f592fc371d"}' is allowed to perform API calls: 0.0.0.0/0,::/0
2023-02-23 17:26:26,874 DEBUG [c.c.a.ApiServlet] (qtp555273695-17:ctx-5439e3ce ctx-4a866503) (logid:8e9ca2d8) ===END===  10.64.94.43 -- GET  publicipid=7b77a8ca-e989-48e0-a4ff-14b1ecee9d25&listAll=true&command=listRemoteAccessVpns&response=json
2023-02-23 17:26:26,890 DEBUG [c.c.a.ApiServlet] (qtp555273695-14:ctx-0d37275c ctx-3386c022) (logid:049edc7e) ===END===  10.64.94.43 -- GET  listall=true&tab=vpn&id=7b77a8ca-e989-48e0-a4ff-14b1ecee9d25&allocatedonly=false&page=1&pagesize=20&command=listPublicIpAddresses&response=json
2023-02-23 17:26:26,894 DEBUG [c.c.a.ApiServlet] (qtp555273695-22:ctx-92a83a62) (logid:a5dc90f0) ===START===  10.64.94.43 -- GET  listall=true&tab=vpn&id=7b77a8ca-e989-48e0-a4ff-14b1ecee9d25&allocatedonly=false&page=1&pagesize=20&command=listPublicIpAddresses&response=json
2023-02-23 17:26:26,898 DEBUG [c.c.a.ApiServer] (qtp555273695-22:ctx-92a83a62 ctx-f0f118dd) (logid:a5dc90f0) CIDRs from which account 'Acct[86761a89-6cab-11ed-b904-69f592fc371d-admin] -- Account {"id": 2, "name": "admin", "uuid": "86761a89-6cab-11ed-b904-69f592fc371d"}' is allowed to perform API calls: 0.0.0.0/0,::/0
2023-02-23 17:26:26,901 WARN  [c.c.a.d.ParamGenericValidationWorker] (qtp555273695-22:ctx-92a83a62 ctx-f0f118dd) (logid:a5dc90f0) Received unknown parameters for command listPublicIpAddresses. Unknown parameters : tab
2023-02-23 17:26:26,918 DEBUG [c.c.a.ApiServlet] (qtp555273695-22:ctx-92a83a62 ctx-f0f118dd) (logid:a5dc90f0) ===END===  10.64.94.43 -- GET  listall=true&tab=vpn&id=7b77a8ca-e989-48e0-a4ff-14b1ecee9d25&allocatedonly=false&page=1&pagesize=20&command=listPublicIpAddresses&response=json
2023-02-23 17:26:26,933 DEBUG [c.c.a.ApiServlet] (qtp555273695-23:ctx-a6b97ac8) (logid:9169a691) ===START===  10.64.94.43 -- GET  listall=true&tab=vpn&id=7b77a8ca-e989-48e0-a4ff-14b1ecee9d25&allocatedonly=false&page=1&pagesize=20&command=listPublicIpAddresses&response=json
2023-02-23 17:26:26,938 DEBUG [c.c.a.ApiServer] (qtp555273695-23:ctx-a6b97ac8 ctx-63aa5551) (logid:9169a691) CIDRs from which account 'Acct[86761a89-6cab-11ed-b904-69f592fc371d-admin] -- Account {"id": 2, "name": "admin", "uuid": "86761a89-6cab-11ed-b904-69f592fc371d"}' is allowed to perform API calls: 0.0.0.0/0,::/0
2023-02-23 17:26:26,942 WARN  [c.c.a.d.ParamGenericValidationWorker] (qtp555273695-23:ctx-a6b97ac8 ctx-63aa5551) (logid:9169a691) Received unknown parameters for command listPublicIpAddresses. Unknown parameters : tab
2023-02-23 17:26:26,961 DEBUG [c.c.a.ApiServlet] (qtp555273695-23:ctx-a6b97ac8 ctx-63aa5551) (logid:9169a691) ===END===  10.64.94.43 -- GET  listall=true&tab=vpn&id=7b77a8ca-e989-48e0-a4ff-14b1ecee9d25&allocatedonly=false&page=1&pagesize=20&command=listPublicIpAddresses&response=json

management-server.log

Please take a look, Thanks

[kiranchavala]

@xuanyuanaosheng could you please send the router logs /var/log/*

It could give us the exception on why the vpn connection failed

The router associated with the network

[xuanyuanaosheng]

@kiranchavala The vpc-102 has two virtual route:

the r-61-vm log is:

r-61-VM.tar.gz

the r-62-vm log is: r-61-VM.tar.gz

@kiranchavala Please take a look, If need more info,please contact me.

Any update?

[DaanHoogland]

@xuanyuanaosheng is this still an issue for you?