Hi, we build public ipsec service and use rancher for scale our service now, and we have trouble with port conflict. we cannot use alternate ports (for example 501/udp,4501/udp) because service is public, and if we do that we must edit service list for each client. it is not possible. can i ask you for editing your ipsec service for alternate ports use?
PS. i’m sure what it right move for rancher service and it help to use rancher for build ipsec services in future
Currently this is impossible to do in Rancher, but we will most likely be reviewing our ipsec stack in the future and can consider providing the ability to edit our ipsec service or alternate ports.
I’ve created a feature request in Github to track this.
https://github.com/rancher/rancher/issues/2139
we are faced with a similar problem where we need access to rancher hosted service via a a "external"IPsec VPN. The VPN should be provided as a a service (similar seen in OPenStack) so somebody can send requests to an IP of a rancher managed network