diff --git a/redirections.yml b/redirections.yml index e70221531..0b0f3e73c 100644 --- a/redirections.yml +++ b/redirections.yml @@ -873,6 +873,12 @@ - old: "/platform/deployment/unknown-technology" new: "/platform/app/troubleshooting/deployment-issues#unknown-technology" + - old: "/addons/scalingo-vpn-ipsec" + new: "/changelog#changelog-addons-scalingo-vpn-ipsec-deprecated" + + - old: "/addons/scalingo-vpn-ipsec/start" + new: "/changelog#changelog-addons-scalingo-vpn-ipsec-deprecated" + obsolete: - "/how-to-migrate-from-cloudcontrol/" - "/how-to-migrate-from-shelly-cloud/" diff --git a/src/_posts/addons/scalingo-vpn-ipsec/2000-01-01-start.md b/src/_posts/addons/scalingo-vpn-ipsec/2000-01-01-start.md deleted file mode 100644 index f0b7549a0..000000000 --- a/src/_posts/addons/scalingo-vpn-ipsec/2000-01-01-start.md +++ /dev/null @@ -1,92 +0,0 @@ ---- -title: Scalingo VPNC IPSec Addon -nav: Introduction -modified_at: 2023-12-22 00:00:00 -tags: vpn addon custom feature ---- - -## Introduction - -Sometimes, your application may need to reach an infrastructure which -is not opened to the Internet and the only way to access the services -or databases in this infrastructure are to create a VPN connection and -join the private network of this infrastructure. - -This addon provides a way to create VPN connections from your application -containers using the **IPSec** technology. - -{% note %} -This connection is done during the runtime of the application. You don't have access to your VPN network during the build of your application. -{% endnote %} - -## What kind of VPN can it connect to? - -Currently, you can connect to a VPN IPSec (Cisco) in mode client-to-site. The -addon is using the tool `vpnc`, so any VPN compatible with this client will be -working correctly. - -## Setup of the addon - -### Provision the addon - -First, you need to provision the add to your application. This can be done -through the dashboard or with our command line tool. - -```bash -scalingo --app my-app addons-add scalingo-vpn-ipsec vpn-ipsec-standard -``` - -### Setup the configuration - -From the addon tab of your dashboard, click on 'Link to Dashboard' under the -VPN addon icon. You'll arrive on the dashboard of the VPN IPSec addon. It -contains a text area in which you've to write your `vpnc.conf` file. - -Usually such configuration file looks like this: - -```bash -IPSec gateway [server] -IPSec ID [VPN group] -IPSec secret [shared secret] -Xauth username [username] -Xauth password [password] -``` - -Once you've validated the configuration, the environment variable -`SCALINGO_VPNC_CONF` will be added to your application, the app will be -restarted. You'll be able to see in the logs: - -```bash -2016-02-03 13:59:31.321065492 +0100 CET [web-1] -----> Starting VPN connection -2016-02-03 13:59:31.321223270 +0100 CET [web-1] -----> VPNC started in background (pid: 70)... -``` - -### Forbidden configuration - -The configuration instruction `Script` is forbidden - -## Q&A - -- What happen if the connection is cut? - -A connection problem will be detected immediately and we'll attempt a -reconnection instantly. If the reconnection fails because of a problem from -your infrastructure, we'll try to reconnect every 30 seconds. - -- Can I setup site-to-site VPN? - -No, currently site-to-site VPN is not compatible with this addon, it -is only working in client-to-site mode. - -- What happens if the connection fail, will my app be unavailable? - -No, it will be written in the logs that we have not been able to connect your -container to your VPN, but your application will be started correctly. You -should check the configuration and ensure all the fields are correct. - -- Where can I find an comprehensive documentation of the `vpnc.conf` file? - -The [Ubuntu -manpage](https://manpages.ubuntu.com/manpages/jammy/man8/vpnc-connect.8.html) -about vpnc contains all the properties which can be set in the configuration -file. diff --git a/src/_posts/security/overview/2000-01-01-connectivity.md b/src/_posts/security/overview/2000-01-01-connectivity.md index 6eee36e09..2694a1a48 100644 --- a/src/_posts/security/overview/2000-01-01-connectivity.md +++ b/src/_posts/security/overview/2000-01-01-connectivity.md @@ -14,6 +14,6 @@ from the latest security vulnerabilities. ### Customer VPN -We offer the possibility to set up a VPN connection (OpenVPN, IPSec) between your infrastructure and the Scalingo +We offer the possibility to set up a VPN connection (OpenVPN) between your infrastructure and the Scalingo platform. This allows you to securely connect your infrastructure to the platform and to protect your data from unauthorized access. diff --git a/src/changelog/addons/_posts/2026-05-18-scalingo-vpn-ipsec-deprecated.md b/src/changelog/addons/_posts/2026-05-18-scalingo-vpn-ipsec-deprecated.md new file mode 100644 index 000000000..7726fed0e --- /dev/null +++ b/src/changelog/addons/_posts/2026-05-18-scalingo-vpn-ipsec-deprecated.md @@ -0,0 +1,10 @@ +--- +modified_at: 2026-05-18 00:00:00 +title: 'Scalingo VPNC IPSec Addon has been removed' +--- + +The Scalingo VPNC IPSec addon has been removed and can no longer be used. It +was based on the legacy `vpnc` technology and IKEv1, which is deprecated. + +For VPN connectivity from application containers, use the +[Scalingo OpenVPN addon]({% post_url addons/scalingo-openvpn/2000-01-01-start %}).