AWS IPsec links: Difference between revisions
Jump to navigation
Jump to search
(→aws1) |
(→aws1) |
||
| Line 80: | Line 80: | ||
* Connect to CSE endpoint:<br /><code>root@vmfram1 # '''ssh -l root -A centos7'''</code> | * Connect to CSE endpoint:<br /><code>root@vmfram1 # '''ssh -l root -A centos7'''</code> | ||
* Start strongSwan:<br /><code>root@centos7 # '''systemctl start strongswan'''</code> | |||
* Display strongSwan status:<br /><syntaxhighlight lang="null">[root@centos7 system]# strongswan status | |||
Security Associations (2 up, 0 connecting): | |||
aws1tunnel2[2]: ESTABLISHED 11 minutes ago, 129.94.242.18[129.94.242.18]...54.79.34.39[54.79.34.39] | |||
aws1tunnel2{2}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: f82804db_i c110cd07_o | |||
aws1tunnel2{2}: 0.0.0.0/0 === 172.16.254.0/24 | |||
aws1tunnel1[1]: ESTABLISHED 11 minutes ago, 129.94.242.18[129.94.242.18]...13.238.86.95[13.238.86.95] | |||
aws1tunnel1{1}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: f0acb0c7_i c29fc1ef_o | |||
aws1tunnel1{1}: 0.0.0.0/0 === 172.16.254.0/24 | |||
[root@centos7 system]#</syntaxhighlight> | |||
Revision as of 17:22, 1 August 2022
Sydney VPC list
| VPC name | VPC ID | IPv4 CIDR | Description | Notable hosts |
|---|---|---|---|---|
| nw-sydney | vpc-0e6039446916e2d4e | 10.197.84.0/22 | CSE production | nw-syd-cfengine-hub |
| nw-sydney2 | vpc-0d909b2f0f3cab97a | 10.197.92.0/24 | Network experiments | experimental-networking-nw-sydney2 (54.253.107.94) |
| csgproduction | vpc-081c8a619f02801f6 | 172.17.254.0/24 | CSG production | techdocs, cfplaypen |
| aws1 | vpc-044951ecd1f85d3a2 | 172.16.254.0/24 | Non-CSG production | comp6443, cs1511-request-tracker, zzen9212-pen-testing-server1, zzen9212-pen-testing-server2 |
Sydney AWS VPN (IPsec) list
| AWS region | VPN name | VPN ID | Description | Customer gateway | Remote CIDR | Type | Tunnel 1 | Tunnel 2 | Comments | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| Sydney | aws-ipsec-to-k17 | vpn-0329f8fc12afa0c09 | cserouter1 | 129.94.39.21 cserouter1 |
0.0.0.0/0 | ipsec.1 | 52.63.191.33 169.254.187.12/30 |
52.64.121.168 169.254.38.88/30 |
All tunnel options set to defaults at AWS end | Not in use |
| Sydney | aws1 | vpn-0640a3802b05574e5 | vmfarm endpoint for testing | 129.94.242.18 centos7 |
172.16.254.0/24 (csgproduction) |
ipsec.1 | 13.238.86.95 169.254.52.236/30 |
54.79.34.39 169.254.176.252/30 |
All tunnel options set to defaults at AWS end | Not in use |
Sydney AWS VPN (OpenVPN) list
aws-ipsec-to-k17
aws1
- Connect to CSE endpoint:
root@vmfram1 # ssh -l root -A centos7 - Start strongSwan:
root@centos7 # systemctl start strongswan - Display strongSwan status:
[root@centos7 system]# strongswan status Security Associations (2 up, 0 connecting): aws1tunnel2[2]: ESTABLISHED 11 minutes ago, 129.94.242.18[129.94.242.18]...54.79.34.39[54.79.34.39] aws1tunnel2{2}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: f82804db_i c110cd07_o aws1tunnel2{2}: 0.0.0.0/0 === 172.16.254.0/24 aws1tunnel1[1]: ESTABLISHED 11 minutes ago, 129.94.242.18[129.94.242.18]...13.238.86.95[13.238.86.95] aws1tunnel1{1}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: f0acb0c7_i c29fc1ef_o aws1tunnel1{1}: 0.0.0.0/0 === 172.16.254.0/24 [root@centos7 system]#