Replace neutron CLI with openstack CLI
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead. Highlighted texts are now emphasized by "emphasize-lines" option of the code-block directive. Co-Authored-By: Akihiro Motoki <amotoki@gmail.com> Change-Id: I552171fe3e22290580e2cdff20adccf655573d03
This commit is contained in:
Hunt Xu
Cao Xuan Hoang
parent
f2b1590feb
commit
0585b53530
@ -44,13 +44,15 @@ Client CLI API
|
||||
--------------
|
||||
|
||||
The originally implemented client CLI APIs (which are still available
|
||||
for backward compatibility) for an IPsec connection are::
|
||||
for backward compatibility) for an IPsec connection are:
|
||||
|
||||
neutron vpn-service-create ROUTER SUBNET
|
||||
neutron ipsec-site-connection-create
|
||||
--vpnservice-id VPNSERVICE
|
||||
--ikepolicy-id IKEPOLICY
|
||||
--ipsecpolicy-id IPSECPOLICY
|
||||
.. code-block:: none
|
||||
|
||||
openstack vpn service create --router ROUTER --subnet SUBNET NAME
|
||||
openstack vpn ipsec site connection create
|
||||
--vpnservice VPNSERVICE
|
||||
--ikepolicy IKEPOLICY
|
||||
--ipsecpolicy IPSECPOLICY
|
||||
--peer-address PEER_ADDRESS
|
||||
--peer-id PEER_ID
|
||||
--peer-cidr PEER_CIDRS
|
||||
@ -58,34 +60,39 @@ for backward compatibility) for an IPsec connection are::
|
||||
--initiator {bi-directional | response-only}
|
||||
--mtu MTU
|
||||
--psk PSK
|
||||
VPN_IPSEC_SITE_CONNECTION_NAME
|
||||
|
||||
Changes to the API, to support multiple local subnets, are shown in
|
||||
**bold** text::
|
||||
**highlighted** text:
|
||||
|
||||
neutron vpn-service-create ROUTER
|
||||
**neutron vpn-endpoint-groups-create**
|
||||
**--name OPTIONAL-NAME**
|
||||
**--description OPTIONAL-DESCRIPTION**
|
||||
**--ep-type={subnet,cidr,network,vlan,router}**
|
||||
**--ep-value=[list-of-endpoints-of-type]**
|
||||
neutron ipsec-site-connection-create
|
||||
--vpnservice-id VPNSERVICE
|
||||
--ikepolicy-id IKEPOLICY
|
||||
--ipsecpolicy-id IPSECPOLICY
|
||||
.. code-block:: none
|
||||
:emphasize-lines: 2-6,17-18
|
||||
|
||||
openstack vpn service create --router ROUTER NAME
|
||||
openstack vpn endpoint group create
|
||||
--description OPTIONAL-DESCRIPTION
|
||||
--type={subnet,cidr,network,vlan,router}
|
||||
--value=ENDPOINT-OF-TYPE[,--value=ENDPOINT-OF-TYPE,...]
|
||||
ENDPOINT-GROUP-NAME
|
||||
openstack vpn ipsec site connection create
|
||||
--vpnservice VPNSERVICE
|
||||
--ikepolicy IKEPOLICY
|
||||
--ipsecpolicy IPSECPOLICY
|
||||
--peer-address PEER_ADDRESS
|
||||
--peer-id PEER_ID
|
||||
--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT
|
||||
--initiator {bi-directional | response-only}
|
||||
--mtu MTU
|
||||
--psk PSK
|
||||
**--local-endpoints ENDPOINT-GROUPS-UUID**
|
||||
**--peer-endpoints ENDPOINT-GROUPS-UUID**
|
||||
--local-endpoint-group ENDPOINT-GROUP-UUID
|
||||
--peer-endpoint-group ENDPOINT-GROUP-UUID
|
||||
VPN_IPSEC_SITE_CONNECTION_NAME
|
||||
|
||||
The SUBNET in the original service API is optional, and will be used as an
|
||||
indicator of whether or not the multiple local subnets feature is active.
|
||||
See the 'Backward Compatibility' section, below, for details.
|
||||
|
||||
For the endpoint groups, the --ep-type value is a string, so that other
|
||||
For the endpoint groups, the ``--type`` value is a string, so that other
|
||||
types can be supported in the future.
|
||||
|
||||
The endpoint groups API would enforce that the endpoint values are all of
|
||||
@ -102,58 +109,59 @@ specified, and the type would be 'network'.
|
||||
The ROUTER may also be able to be removed, in the future, and can be
|
||||
determined, when the connections are created.
|
||||
|
||||
Note: Using --ep-type, as --endpoint-type is already used elsewhere, and
|
||||
--type is too generic. Using --ep-value, as --endpoint is already in use,
|
||||
--end-point could be easily mistyped as --endpoint, and --value is too
|
||||
generic.
|
||||
|
||||
|
||||
Examples
|
||||
--------
|
||||
|
||||
The original APIs to create one side of an IPSec connection with
|
||||
only one local and peer subnet::
|
||||
only one local and peer subnet:
|
||||
|
||||
neutron vpn-ikepolicy-create ikepolicy
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy
|
||||
neutron vpn-service-create --name myvpn router1 privateA
|
||||
neutron ipsec-site-connection-create
|
||||
--name vpnconnection1
|
||||
--vpnservice-id myvpn
|
||||
--ikepolicy-id ikepolicy
|
||||
--ipsecpolicy-id ipsecpolicy
|
||||
.. code-block:: none
|
||||
|
||||
openstack vpn ike policy create ikepolicy
|
||||
openstack vpn ipsec policy create ipsecpolicy
|
||||
openstack vpn service create --router router1 --subnet privateA myvpn
|
||||
openstack vpn ipsec site connection create
|
||||
--vpnservice myvpn
|
||||
--ikepolicy ikepolicy
|
||||
--ipsecpolicy ipsecpolicy
|
||||
--peer-address 172.24.4.13
|
||||
--peer-id 172.24.4.13
|
||||
--peer-cidr 10.3.0.0/24
|
||||
--psk secret
|
||||
vpnconnection1
|
||||
|
||||
The local CIDR is obtained from the subnet, privateA. In this example,
|
||||
that would be 10.1.0.0/24 (because that's how privateA was created).
|
||||
|
||||
Using the multiple local subnet feature, the APIs (with changes shown
|
||||
in **bold** below::
|
||||
in **highlighted** below:
|
||||
|
||||
neutron vpn-ikepolicy-create ikepolicy
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy
|
||||
neutron vpn-service-create --name myvpn router1
|
||||
**neutron vpn-endpoint-group-create**
|
||||
**--name local-eps**
|
||||
**--ep-type=subnet**
|
||||
**--ep-value=privateA**
|
||||
**--ep-value=privateB**
|
||||
**neutron vpn-endpoint-group-create**
|
||||
**--name peer-eps**
|
||||
**--ep-type=cidr**
|
||||
**--ep-vallue=10.3.0.0/24**
|
||||
neutron ipsec-site-connection-create
|
||||
--name vpnconnection1
|
||||
--vpnservice-id myvpn
|
||||
--ikepolicy-id ikepolicy
|
||||
--ipsecpolicy-id ipsecpolicy
|
||||
.. code-block:: none
|
||||
:emphasize-lines: 4-12,20-21
|
||||
|
||||
openstack vpn ike policy create ikepolicy
|
||||
openstack vpn ipsec policy create ipsecpolicy
|
||||
openstack vpn service create --router router1 myvpn
|
||||
openstack vpn endpoint group create
|
||||
--type=subnet
|
||||
--value=privateA
|
||||
--value=privateB
|
||||
local-eps
|
||||
openstack vpn endpoint group create
|
||||
--type=cidr
|
||||
--value=10.3.0.0/24
|
||||
peer-eps
|
||||
openstack vpn ipsec site connection create
|
||||
--vpnservice myvpn
|
||||
--ikepolicy ikepolicy
|
||||
--ipsecpolicy ipsecpolicy
|
||||
--peer-address 172.24.4.13
|
||||
--peer-id 172.24.4.13
|
||||
--psk secret
|
||||
**--local-endpoints local-eps**
|
||||
**--peer-endpoints peer-eps**
|
||||
--local-endpoint-group local-eps
|
||||
--peer-endpoint-group peer-eps
|
||||
vpnconnection1
|
||||
|
||||
The subnets privateA and privateB are used for local endpoints and the
|
||||
10.3.0.0/24 CIDR is used for the peer endpoint.
|
||||
|
||||
@ -99,27 +99,33 @@ On ``East``
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
neutron vpn-ikepolicy-create ikepolicy1
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy1
|
||||
neutron vpn-service-create --name myvpn --description "My vpn service" router1
|
||||
neutron vpn-endpoint-group-create --name my-locals --type subnet --value mysubnet
|
||||
neutron vpn-endpoint-group-create --name my-peers --type cidr --value 10.2.0.0/24
|
||||
neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn \
|
||||
--ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address 172.24.4.233 \
|
||||
--peer-id 172.24.4.233 --local-ep-group my-locals --peer-ep-group my-peers --psk secret
|
||||
openstack vpn ike policy create ikepolicy1
|
||||
openstack vpn ipsec policy create ipsecpolicy1
|
||||
openstack vpn service create --description "My vpn service" \
|
||||
--router router1 myvpn
|
||||
openstack vpn endpoint group create --type subnet --value mysubnet my-locals
|
||||
openstack vpn endpoint group create --type cidr --value 10.2.0.0/24 my-peers
|
||||
openstack vpn ipsec site connection create --vpnservice myvpn \
|
||||
--ikepolicy ikepolicy1 --ipsecpolicy ipsecpolicy1 \
|
||||
--peer-address 172.24.4.233 --peer-id 172.24.4.233 \
|
||||
--local-endpoint-group my-locals --peer-endpoint-group my-peers \
|
||||
--psk secret vpnconnection1
|
||||
|
||||
On ``West``
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
neutron vpn-ikepolicy-create ikepolicy1
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy1
|
||||
neutron vpn-service-create --name myvpn --description "My vpn service" router1
|
||||
neutron vpn-endpoint-group-create --name my-locals --type subnet --value mysubnet
|
||||
neutron vpn-endpoint-group-create --name my-peers --type cidr --value 10.1.0.0/24
|
||||
neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn \
|
||||
--ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address 172.24.4.226 \
|
||||
--peer-id 172.24.4.226 --local-ep-group my-locals --peer-ep-group my-peers --psk secret
|
||||
openstack vpn ike policy create ikepolicy1
|
||||
openstack vpn ipsec policy create ipsecpolicy1
|
||||
openstack vpn service create --description "My vpn service" \
|
||||
--router router1 myvpn
|
||||
openstack vpn endpoint group create --type subnet --value mysubnet my-locals
|
||||
openstack vpn endpoint group create --type cidr --value 10.1.0.0/24 my-peers
|
||||
openstack vpn ipsec site connection create --vpnservice myvpn \
|
||||
--ikepolicy ikepolicy1 --ipsecpolicy ipsecpolicy1 \
|
||||
--peer-address 172.24.4.226 --peer-id 172.24.4.226 \
|
||||
--local-endpoint-group my-locals --peer-endpoint-group my-peers \
|
||||
--psk secret vpnconnection1
|
||||
|
||||
.. note::
|
||||
|
||||
@ -176,19 +182,21 @@ to be created, and a VM spun up in each private network.
|
||||
|
||||
# Create second net, subnet, router
|
||||
source ~/devstack/openrc admin demo
|
||||
neutron net-create privateB
|
||||
neutron subnet-create --name subB privateB 10.2.0.0/24 --gateway 10.2.0.1
|
||||
neutron router-create routerB
|
||||
neutron router-interface-add routerB subB
|
||||
neutron router-gateway-set routerB public
|
||||
openstack network create privateB
|
||||
openstack subnet create --network privateB --subnet-range 10.2.0.0/24 --gateway 10.2.0.1 subB
|
||||
openstack router create routerB
|
||||
openstack router add subnet routerB subB
|
||||
openstack router set --external-gateway public routerB
|
||||
|
||||
# Start up a VM in the privateA subnet.
|
||||
PRIVATE_NET=`neutron net-list | grep 'private ' | cut -f 2 -d' '`
|
||||
nova boot --flavor 1 --image cirros-0.3.5-x86_64-uec --nic net-id=$PRIVATE_NET peter
|
||||
PRIVATE_NET=`openstack network show private -c id -f value`
|
||||
openstack server create --flavor 1 --image cirros-0.3.5-x86_64-uec \
|
||||
--nic net-id=$PRIVATE_NET peter
|
||||
|
||||
# Start up a VM in the privateB subnet
|
||||
PRIVATE_NETB=`neutron net-list | grep privateB | cut -f 2 -d' '`
|
||||
nova boot --flavor 1 --image cirros-0.3.5-x86_64-uec --nic net-id=$PRIVATE_NETB paul
|
||||
PRIVATE_NETB=`openstack network show privateB -c id -f value`
|
||||
openstack server create --flavor 1 --image cirros-0.3.5-x86_64-uec \
|
||||
--nic net-id=$PRIVATE_NETB paul
|
||||
|
||||
At this point, you can verify that you have basic connectivity.
|
||||
|
||||
@ -205,21 +213,27 @@ The following commands will create the IPsec connection:
|
||||
.. code-block:: none
|
||||
|
||||
# Create VPN connections
|
||||
neutron vpn-ikepolicy-create ikepolicy
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy
|
||||
neutron vpn-service-create --name myvpn --description "My vpn service" router1
|
||||
neutron vpn-endpoint-group-create --name my-localsA --type subnet --value privateA
|
||||
neutron vpn-endpoint-group-create --name my-peersA --type cidr --value 10.2.0.0/24
|
||||
neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn \
|
||||
--ikepolicy-id ikepolicy --ipsecpolicy-id ipsecpolicy --peer-address 172.24.4.13 \
|
||||
--peer-id 172.24.4.13 --local-ep-group my-localsA --peer-ep-group my-peersA --psk secret
|
||||
openstack vpn ike policy create ikepolicy
|
||||
openstack vpn ipsec policy create ipsecpolicy
|
||||
openstack vpn service create --router router1 \
|
||||
--description "My vpn service" myvpn
|
||||
openstack vpn endpoint group create --type subnet --value privateA my-localsA
|
||||
openstack vpn endpoint group create --type cidr --value 10.2.0.0/24 my-peersA
|
||||
openstack vpn ipsec site connection create --vpnservice myvpn \
|
||||
--ikepolicy ikepolicy --ipsecpolicy ipsecpolicy \
|
||||
--peer-address 172.24.4.13 --peer-id 172.24.4.13 \
|
||||
--local-endpoint-group my-localsA --peer-endpoint-group my-peersA \
|
||||
--psk secret vpnconnection1
|
||||
|
||||
neutron vpn-service-create --name myvpnB --description "My vpn serviceB" routerB
|
||||
neutron vpn-endpoint-group-create --name my-localsB --type subnet --value subB
|
||||
neutron vpn-endpoint-group-create --name my-peersB --type cidr --value 10.1.0.0/24
|
||||
neutron ipsec-site-connection-create --name vpnconnection2 --vpnservice-id myvpnB \
|
||||
--ikepolicy-id ikepolicy --ipsecpolicy-id ipsecpolicy --peer-address 172.24.4.11 \
|
||||
--peer-id 172.24.4.11 --local-ep-group my-localsB --peer-ep-group my-peersB --psk secret
|
||||
openstack vpn service create --router routerB \
|
||||
--description "My vpn serviceB" myvpnB
|
||||
openstack vpn endpoint group create --type subnet --value subB my-localsB
|
||||
openstack vpn endpoint group create --type cidr --value 10.1.0.0/24 my-peersB
|
||||
openstack vpn ipsec site connection create --vpnservice myvpnB \
|
||||
--ikepolicy ikepolicy --ipsecpolicy ipsecpolicy \
|
||||
--peer-address 172.24.4.11 --peer-id 172.24.4.11 \
|
||||
--local-endpoint-group my-localsB --peer-endpoint-group my-peersB \
|
||||
--psk secret vpnconnection2
|
||||
|
||||
At this point (once the connections become active - which can take up to 30 seconds or so),
|
||||
you should be able to ping from the VM in the privateA network, to the VM in the privateB
|
||||
@ -252,17 +266,18 @@ of VPN, in the future. An example:
|
||||
.. code-block:: none
|
||||
|
||||
# Create VPN connections
|
||||
neutron vpn-ikepolicy-create ikepolicy
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy
|
||||
neutron vpn-service-create --name myvpnC --description "My vpn service" router1
|
||||
openstack vpn ike policy create ikepolicy
|
||||
openstack vpn ipsec policy create ipsecpolicy
|
||||
openstack vpn service create --router router1 \
|
||||
--description "My vpn service" myvpnC
|
||||
|
||||
To prepare for an IPsec site-to-site, one would create an endpoint group for
|
||||
the local subnets, and an endpoint group for the peer CIDRs, like so:
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
neutron vpn-endpoint-group-create --name my-locals --type subnet --value privateA --value privateA2
|
||||
neutron vpn-endpoint-group-create --name my-peers --type cidr --value 10.2.0.0/24 --value 20.2.0.0/24
|
||||
openstack vpn endpoint group create --type subnet --value privateA --value privateA2 my-locals
|
||||
openstack vpn endpoint group create --type cidr --value 10.2.0.0/24 --value 20.2.0.0/24 my-peers
|
||||
|
||||
where privateA and privateA2 are two local (private) subnets, and 10.2.0.0/24 and 20.2.0.0/24
|
||||
are two CIDRs representing peer (private) subnets that will be used by a connection.
|
||||
@ -271,9 +286,11 @@ be specified, instead of the peer-cidrs attribute:
|
||||
|
||||
.. code-block:: none
|
||||
|
||||
neutron ipsec-site-connection-create --name vpnconnection3 --vpnservice-id myvpnC \
|
||||
--ikepolicy-id ikepolicy --ipsecpolicy-id ipsecpolicy --peer-address 172.24.4.11 \
|
||||
--peer-id 172.24.4.11 --local-ep-group my-locals --peer-ep-group my-peers --psk secret
|
||||
openstack vpn ipsec site connection create --vpnservice myvpnC \
|
||||
--ikepolicy ikepolicy --ipsecpolicy ipsecpolicy \
|
||||
--peer-address 172.24.4.11 --peer-id 172.24.4.11 \
|
||||
--local-endpoint-group my-locals --peer-endpoint-group my-peers \
|
||||
--psk secret vpnconnection3
|
||||
|
||||
.. note::
|
||||
- The validation logic makes sure that endpoint groups and peer CIDRs are not intermixed.
|
||||
|
||||
@ -1,52 +1,58 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
EXT_NW_ID=`neutron net-list | awk '/public/{print $2}'`
|
||||
EXT_NW_ID=`openstack network show public -c id -f value`
|
||||
EXTERNAL_SUBNET_IP_VERSION='v4'
|
||||
WEST_SUBNET='192.168.1.0/24'
|
||||
EAST_SUBNET='192.168.2.0/24'
|
||||
|
||||
function setup_site(){
|
||||
local site_name=$1
|
||||
local cidr=$2
|
||||
neutron net-create net_$site_name
|
||||
neutron subnet-create --name subnet_$site_name net_$site_name $2
|
||||
neutron router-create router_$site_name
|
||||
neutron router-interface-add router_$site_name subnet_$site_name
|
||||
neutron router-gateway-set router_$site_name $EXT_NW_ID
|
||||
neutron vpn-service-create --name vpn_$site_name router_$site_name subnet_$site_name
|
||||
openstack network create net_$site_name
|
||||
openstack subnet create --network net_$site_name --subnet-range $2 subnet_$site_name
|
||||
openstack router create router_$site_name
|
||||
openstack router add subnet router_$site_name subnet_$site_name
|
||||
openstack router set --external-gateway $EXT_NW_ID router_$site_name
|
||||
openstack vpn service create --subnet subnet_$site_name --router router_$site_name vpn_$site_name
|
||||
}
|
||||
|
||||
function get_external_ip(){
|
||||
local router_id=`neutron router-show $1 | awk '/ id /{print $4}'`
|
||||
echo `neutron port-list -c fixed_ips -c device_id -c device_owner|grep router_gateway | awk '/'.$router_id.'/{print $5}' | sed 's/["}]//g'`
|
||||
echo `openstack vpn service show $1 -c external_${EXTERNAL_SUBNET_IP_VERSION}_ip -f value`
|
||||
}
|
||||
|
||||
function clean_site(){
|
||||
local site_name=$1
|
||||
neutron ipsec-site-connection-delete conn_$site_name
|
||||
neutron vpn-service-list | awk '/vpn_'$site_name'/{print "neutron vpn-service-delete " $2}' | bash
|
||||
neutron router-gateway-clear router_$site_name
|
||||
neutron router-interface-delete router_$site_name subnet_$site_name
|
||||
neutron router-list | awk '/router_'$site_name'/{print "neutron router-delete " $2}' | bash
|
||||
neutron subnet-list | awk '/subnet_'$site_name'/{print "neutron subnet-delete " $2}' | bash
|
||||
neutron net-list | awk '/net_'$site_name'/{print "neutron net-delete " $2}' | bash
|
||||
openstack vpn ipsec site connection delete conn_$site_name
|
||||
openstack vpn service delete vpn_$site_name
|
||||
openstack router unset --external-gateway router_$site_name
|
||||
openstack router remove subnet router_$site_name subnet_$site_name
|
||||
openstack router delete router_$site_name
|
||||
openstack subnet delete subnet_$site_name
|
||||
openstack network delete net_$site_name
|
||||
}
|
||||
|
||||
function setup(){
|
||||
neutron vpn-ikepolicy-create ikepolicy1
|
||||
neutron vpn-ipsecpolicy-create ipsecpolicy1
|
||||
openstack vpn ike policy create ikepolicy1
|
||||
openstack vpn ipsec policy create ipsecpolicy1
|
||||
setup_site west $WEST_SUBNET
|
||||
WEST_IP=$(get_external_ip router_west)
|
||||
WEST_IP=$(get_external_ip vpn_west)
|
||||
setup_site east $EAST_SUBNET
|
||||
EAST_IP=$(get_external_ip router_east)
|
||||
neutron ipsec-site-connection-create --name conn_east --vpnservice-id vpn_east --ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $WEST_IP --peer-id $WEST_IP --peer-cidr $WEST_SUBNET --psk secret
|
||||
neutron ipsec-site-connection-create --name conn_west --vpnservice-id vpn_west --ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $EAST_IP --peer-id $EAST_IP --peer-cidr $EAST_SUBNET --psk secret
|
||||
EAST_IP=$(get_external_ip vpn_east)
|
||||
openstack vpn ipsec site connection create \
|
||||
--vpnservice vpn_east --ikepolicy ikepolicy1 --ipsecpolicy ipsecpolicy1 \
|
||||
--peer-address $WEST_IP --peer-id $WEST_IP --peer-cidr $WEST_SUBNET \
|
||||
--psk secret conn_east
|
||||
openstack vpn ipsec site connection create \
|
||||
--vpnservice vpn_west --ikepolicy ikepolicy1 --ipsecpolicy ipsecpolicy1 \
|
||||
--peer-address $EAST_IP --peer-id $EAST_IP --peer-cidr $EAST_SUBNET \
|
||||
--psk secret conn_west
|
||||
}
|
||||
|
||||
function cleanup(){
|
||||
clean_site west
|
||||
clean_site east
|
||||
neutron vpn-ikepolicy-delete ikepolicy1
|
||||
neutron vpn-ipsecpolicy-delete ipsecpolicy1
|
||||
openstack vpn ike policy delete ikepolicy1
|
||||
openstack vpn ipsec policy delete ipsecpolicy1
|
||||
}
|
||||
|
||||
cleanup
|
||||
|
||||
Loading…
Reference in New Issue
Block a user