pfSense to Cisco IPSEC Tunnel

pFSense config

c

b a

Cisco Config

Replace GigabitEthernet0/0 for your interface

Replace list 100 for your NAT list

Replace the Key and IP’s

Update the Access list to reflect your subnet’s

!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key XXXX address 1.2.3.4 no-xauth
!
!
crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
!
crypto map PFSVPN 15 ipsec-isakmp
set peer 1.2.3.4
set transform-set 3DES-SHA
set pfs group2
match address encrypt-to-dc
!

interface GigabitEthernet0/0
Description WAN Interface
...
crypto map PFSVPN

ip nat inside source list 100 interface GigabitEthernet0/0 overload

access-list 100 deny   ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255
access-list 100 permit ip 192.168.20.0 0.0.0.255 any

ip access-list extended encrypt-to-dc
 permit ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255
!

 

Cinder – Resize root volume

To resize the root volume of an instance can be tricky, this worked for me

Note some commands, particularly “cinder reset-state” returned a HTTP 403, i had to run those as admin

 

[root@vm-os-ks01 ~]# source admin.rc
[root@vm-os-ks01 ~]# cinder reset-state --state available b35e676a-7593-458d-b6f4-cc60e075cfd4
[root@vm-os-ks01 ~]# nova volume-list
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
| ID                                   | Status    | Display Name | Size | Volume Type | Attached to                          |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
| e1072658-7399-4505-a563-a5b6ed062325 | in-use    |              | 10   | sata        | 11684d86-5e17-4760-a32b-26ed6c47f1c1 |
| b5ac679f-76ae-45aa-b6ae-c2d4d87a97d0 | in-use    |              | 10   | sata        | 65717578-a520-4c63-a3b4-63537bce2332 |
| c3c88bc1-a6b8-4bdc-b1b1-d399b0696be8 | in-use    |              | 10   | sata        | 815043a2-44fa-487e-9912-ecc015bf6a46 |
| bef780ff-ac9f-492d-9504-11062e30acdf | in-use    |              | 40   | sata        | 76d7a922-3b5e-4154-ab61-cfca7810369d |
| b35e676a-7593-458d-b6f4-cc60e075cfd4 | available |              | 40   | sata        | 933899fe-b218-4eff-b2b1-658ae8068350 |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
[root@vm-os-ks01 ~]# cinder extend b35e676a-7593-458d-b6f4-cc60e075cfd4 80
[root@vm-os-ks01 ~]# nova volume-list
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
| ID                                   | Status    | Display Name | Size | Volume Type | Attached to                          |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
| e1072658-7399-4505-a563-a5b6ed062325 | in-use    |              | 10   | sata        | 11684d86-5e17-4760-a32b-26ed6c47f1c1 |
| b5ac679f-76ae-45aa-b6ae-c2d4d87a97d0 | in-use    |              | 10   | sata        | 65717578-a520-4c63-a3b4-63537bce2332 |
| c3c88bc1-a6b8-4bdc-b1b1-d399b0696be8 | in-use    |              | 10   | sata        | 815043a2-44fa-487e-9912-ecc015bf6a46 |
| bef780ff-ac9f-492d-9504-11062e30acdf | in-use    |              | 40   | sata        | 76d7a922-3b5e-4154-ab61-cfca7810369d |
| b35e676a-7593-458d-b6f4-cc60e075cfd4 | available |              | 80   | sata        | 933899fe-b218-4eff-b2b1-658ae8068350 |
+--------------------------------------+-----------+--------------+------+-------------+--------------------------------------+
[root@vm-os-ks01 ~]# cinder reset-state --state in-use b35e676a-7593-458d-b6f4-cc60e075cfd4
[root@vm-os-ks01 ~]# nova volume-list
+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+
| ID                                   | Status | Display Name | Size | Volume Type | Attached to                          |
+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+
| e1072658-7399-4505-a563-a5b6ed062325 | in-use |              | 10   | sata        | 11684d86-5e17-4760-a32b-26ed6c47f1c1 |
| b5ac679f-76ae-45aa-b6ae-c2d4d87a97d0 | in-use |              | 10   | sata        | 65717578-a520-4c63-a3b4-63537bce2332 |
| c3c88bc1-a6b8-4bdc-b1b1-d399b0696be8 | in-use |              | 10   | sata        | 815043a2-44fa-487e-9912-ecc015bf6a46 |
| bef780ff-ac9f-492d-9504-11062e30acdf | in-use |              | 40   | sata        | 76d7a922-3b5e-4154-ab61-cfca7810369d |
| b35e676a-7593-458d-b6f4-cc60e075cfd4 | in-use |              | 80   | sata        | 933899fe-b218-4eff-b2b1-658ae8068350 |
+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+
[root@vm-os-ks01 ~]#