Difference between revisions of "Neutron/VPNaaS/SSLVPN/HowToUse"

Latest revision as of 07:55, 19 February 2014

(1) install openvpn

   apt-get install openvpn

(2) run devstack with ongoing patches

(1) create vpn certificate

   neutron vpn-credential-create --name vpncredential1 --ca ca.crt --server_certificate east-server.crt --server_key east-server.key --dh dh1024.pem

(2) create vpn service

   neutron vpn-service-create router1 private-subnet --name vpnservice1

(3) create sslvpn connection

   neutron ssl-vpn-connection-create vpnservice1 vpncredential1

(4) Check connections

    neutron ssl-vpn-connection-list

(5) run test client in namespace

    cd openvpn
    sudo ./ovpn-testclient.sh

@@ Line 3: / Line 3: @@
 === On going reviews ===
-# Server Side Plugin:  https://review.openstack.org/#/c/58897/
+# Server Side Plugin and Agent support: https://review.openstack.org/#/c/70274/
-# Client Support[WIP]:
+# Client Support[WIP]: https://review.openstack.org/#/c/70254/
-# Agent [WIP]:
 == Setup ==
@@ Line 17: / Line 16: @@
 == Workflow ==
-# create vpn certificate
+(0) Clone test certificates and scripts from  https://github.com/nttmcl/neutron_ssl_vpn_script/tree/master/openvpn
-<pre><nowiki>
+(1) create vpn certificate
-neutron vpn-credential-create --name test --ca ca.crt --server_certificate east-server.crt --server_key east-server.key --dh dh1024.pem
-</nowiki></pre>
-# create
+    neutron vpn-credential-create --name vpncredential1 --ca ca.crt --server_certificate east-server.crt --server_key east-server.key --dh dh1024.pem
+(2) create vpn service
+    neutron vpn-service-create router1 private-subnet --name vpnservice1
+(3) create sslvpn connection
+    neutron ssl-vpn-connection-create vpnservice1 vpncredential1
+(4) Check connections
+     neutron ssl-vpn-connection-list
+(5) run test client in namespace
+     cd openvpn
+     sudo ./ovpn-testclient.sh