{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam:::role/"
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2023-07-31T11:05:02.254+0100 [INFO] Terraform version: 1.5.4 | |
2023-07-31T11:05:02.254+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.26.0 | |
2023-07-31T11:05:02.254+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.16.2 | |
2023-07-31T11:05:02.254+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.0 | |
2023-07-31T11:05:02.254+0100 [DEBUG] using github.com/zclconf/go-cty v1.12.2 | |
2023-07-31T11:05:02.254+0100 [INFO] Go runtime version: go1.20.6 | |
2023-07-31T11:05:02.254+0100 [INFO] CLI args: []string{"terraform", "plan", "-no-color"} | |
2023-07-31T11:05:02.254+0100 [TRACE] Stdout is not a terminal | |
2023-07-31T11:05:02.254+0100 [TRACE] Stderr is not a terminal | |
2023-07-31T11:05:02.254+0100 [TRACE] Stdin is a terminal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
config setup | |
uniqueids=no | |
strictcrlpolicy=no | |
conn %default | |
left=10.99.0.174 | |
leftid=vpn.domain.tld | |
leftcert=jumpbox.pem | |
leftsubnet=10.96.0.0/11 | |
leftfirewall=yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
** CLIENT ** | |
root@raspberrypi:~# ipsec up company | |
initiating IKE_SA company[13] to VPN_IP | |
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ] | |
sending packet: from 10.11.3.21[500] to VPN_IP[500] (1400 bytes) | |
received packet: from VPN_IP[500] to 10.11.3.21[500] (38 bytes) | |
parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ] | |
peer didn't accept DH group MODP_1536, it requested MODP_2048 | |
initiating IKE_SA company[13] to VPN_IP | |
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
** CLIENT ** | |
# /etc/ipsec.conf | |
config setup | |
uniqueids=no | |
strictcrlpolicy=no | |
charondebug="ike 3, knl 2, cfg 3, mgr 3, chd 2, net 3" | |
conn %default | |
leftid=raspberrypi | |
leftfirewall=yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
May 22 08:01:40 griffio charon-nm: 13[ENC] parsed IKE_AUTH response 1 [ EF(4/4) ] | |
May 22 08:01:40 griffio charon-nm: 13[ENC] received fragment #4 of 4, reassembling fragmented IKE message | |
May 22 08:01:40 griffio charon-nm: 13[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] | |
May 22 08:01:40 griffio charon-nm: 13[IKE] received end entity cert "VPN_HOST_CERT" | |
May 22 08:01:40 griffio charon-nm: 13[CFG] using certificate "VPN_HOST_CERT" | |
May 22 08:01:40 griffio charon-nm: 13[CFG] using trusted ca certificate "CA_CERT_DN" | |
May 22 08:01:40 griffio charon-nm: 13[CFG] checking certificate status of "VPN_HOST_CERT" | |
May 22 08:01:40 griffio charon-nm: 13[CFG] certificate status is not available | |
May 22 08:01:40 griffio charon-nm: 13[CFG] reached self-signed root ca with a path length of 0 | |
May 22 08:01:40 griffio charon-nm: 13[IKE] authentication of 'vpn.domain.tld' with RSA_EMSA_PKCS1_SHA2_256 successful |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
May 22 11:28:10 jumpbox charon: 16[NET] received packet: from REMOTE_NAT_IP[4500] to LOCAL_VPN_IP[4500] (68 bytes) | |
May 22 11:28:10 jumpbox charon: 16[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ] | |
May 22 11:28:10 jumpbox charon: 16[IKE] received EAP identity 'turbo' | |
May 22 11:28:10 jumpbox charon: 16[CFG] sending RADIUS Access-Request to server 'primary' | |
May 22 11:28:10 jumpbox charon: 16[CFG] received RADIUS Access-Challenge from server 'primary' | |
May 22 11:28:10 jumpbox charon: 16[IKE] initiating EAP_MD5 method (id 0x01) | |
May 22 11:28:10 jumpbox charon: 16[ENC] generating IKE_AUTH response 2 [ EAP/REQ/MD5 ] | |
May 22 11:28:10 jumpbox charon: 16[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[4500] (84 bytes) | |
May 22 11:28:10 jumpbox charon: 06[NET] received packet: from REMOTE_NAT_IP[4500] to LOCAL_VPN_IP[4500] (68 bytes) | |
May 22 11:28:10 jumpbox charon: 06[ENC] parsed IKE_AUTH request 3 [ EAP/RES/NAK ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
May 22 11:55:21 jumpbox charon: 05[NET] received packet: from REMOTE_NAT_IP[60440] to LOCAL_VPN_IP[500] (792 bytes) | |
May 22 11:55:21 jumpbox charon: 05[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] | |
May 22 11:55:21 jumpbox charon: 05[IKE] REMOTE_NAT_IP is initiating an IKE_SA | |
May 22 11:55:21 jumpbox charon: 05[IKE] local host is behind NAT, sending keep alives | |
May 22 11:55:21 jumpbox charon: 05[IKE] remote host is behind NAT | |
May 22 11:55:21 jumpbox charon: 05[IKE] DH group ECP_256 inacceptable, requesting MODP_2048 | |
May 22 11:55:21 jumpbox charon: 05[ENC] generating IKE_SA_INIT response 0 [ N(INVAL_KE) ] | |
May 22 11:55:21 jumpbox charon: 05[NET] sending packet: from LOCAL_VPN_IP[500] to REMOTE_NAT_IP[60440] (38 bytes) | |
May 22 11:55:21 jumpbox charon: 07[NET] received packet: from REMOTE_NAT_IP[60440] to LOCAL_VPN_IP[500] (984 bytes) | |
May 22 11:55:21 jumpbox charon: 07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(H |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ipsec.conf-defaults | |
=================== | |
config setup | |
uniqueids=no | |
strictcrlpolicy=no | |
# nat_traversal=yes | |
#charondebug="ike 2, knl 2, cfg 3, mgr 3, chd 2, net 2" | |
# NOTE: The 'leftid' must be present as a "Subject Alternative Name" in the cert!! | |
conn %default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2017-03-08 16:58:53 DEBUG cinder.volume.drivers.zol Updating volume stats _update_volume_stats /usr/lib/python2.7/dist-packages/cinder/volume/drivers/zol.py:231 | |
2017-03-08 16:59:46 DEBUG cinder.volume.drivers.zol create_volume(49daf7e1-285a-4734-8ba7-f8f90a1ae26d) => share/VirtualMachines/Blade_Center/volume-49daf7e1-285a-4734-8ba7-f8f90a1ae26d create_volume /usr/lib/python2.7/dist-packages/cinder/volume/drivers/zol.py:209 | |
2017-03-08 16:59:49 DEBUG cinder.volume.drivers.zol copy_image_to_volume(volume=49daf7e1-285a-4734-8ba7-f8f90a1ae26d, service=<cinder.image.glance.GlanceImageService object at 0x7fb34a1b45d0>, image=364dac3c-b1a6-402c-956e-aafc50b47c8b) copy_image_to_volume /usr/lib/python2.7/dist-packages/cinder/volume/drivers/zol.py:743 | |
2017-03-08 16:59:49 DEBUG cinder.volume.drivers.zol create_export(49daf7e1-285a-4734-8ba7-f8f90a1ae26d) create_export /usr/lib/python2.7/dist-packages/cinder/volume/drivers/zol.py:681 | |
2017-03-08 16:59:49 DEBUG cinder.volume.drivers.zol create_export: Trying to share "share |
NewerOlder