Side2Side VPN connection between OpenStack VPN and AVM Fritz!Box
Define variables for OpenStack VPN configuration
FRITZBOX_EXTERNAL_IP=x.x.x.x # curl ipinfo.io/ip FRITZBOX_NETWORK=192.168.178.0/24 # Heimnetz > Netzwerk > Netzwerkeinstellungen > IPv4-Einstellungen PASSWORD='xxxxxxxx' # apg -m 32 OPENSTACK_SUBNET_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # openstack subnet list OPENSTACK_ROUTER_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx # openstack router list
Define variables
# Create ike v1 policy openstack vpn ike policy create vpn_ike_1 \ --ike-version v1 \ --encryption-algorithm aes-256 \ --auth-algorithm sha256 \ --pfs group14 # Create ipsec policy openstack vpn ipsec policy create vpn_ipsec_1 \ --encryption-algorithm aes-256 \ --auth-algorithm sha256 \ --pfs group14 # Create service openstack vpn service create vpn_service_1 \ --router ${OPENSTACK_ROUTER_ID} # Create local endpoint group openstack vpn endpoint group create vpn_endpoint_openstack \ --type subnet \ --value ${OPENSTACK_SUBNET_ID} # Create peer endpoint group openstack vpn endpoint group create vpn_endpoint_fritzbox \ --type cidr \ --value ${FRITZBOX_NETWORK} # Create connection openstack vpn ipsec site connection create vpn_connection_1 \ --vpnservice vpn_service_1 \ --ikepolicy vpn_ike_1 \ --ipsecpolicy vpn_ipsec_1 \ --peer-address ${FRITZBOX_EXTERNAL_IP} \ --peer-id ${FRITZBOX_NETWORK} \ --psk ${PASSWORD} \ --local-endpoint-group vpn_endpoint_openstack \ --peer-endpoint-group vpn_endpoint_fritzbox
Allow SSH access from VPN