Site to Site VPN state stays 'Disconnected' after upgrading CloudPlatform to 4.7.1

Problem

Site to Site VPN state stays 'Disconnected' after upgrading CloudPlatform to 4.7.1 using external devices like Juniper and Cisco having ikev2 as VPN customer gateway. 

 

Steps to Reproduce the problem

  1. Upgrade CloudPlatform having an active S2S VPN connection having ikev2 with an external device to version 4.7.1.
  2. Check the status of the connection in CloudPlatform UI, it would be in 'Disconnected' state.

Root Cause

 

A defect in the IPSec implementation in 4.7.1 Virtual Router around ikev2

Required Modification

 

A global parameter is introduced to select the ike version for the s2s VPN connection. 

Reason for Modification

 

Ikev2 is not working as expected with some of the external devices used for s2s VPN as VPN customer gateway.

Resolution/Workaround

 

A global parameter is introduced in CloudPlatform so that admin can select the ike version to be used for s2s VPN connection. 

Verification

 

To be picked up from CS ticket once the fix is committed.

Impact on Existing System

 

Helps to fix the known issue with CloudPlatform 4.7.1 S2S VPN when using kev2. 

Potential Adverse Effect

 

There is no known adverse effect to the system. 

Document ID:
115000140503

Product:
CloudPlatform

Version:
4.7.1

Reference Jira ID:
CS-50145

 
Have more questions? Submit a request

Comments