In VLAN networking mode, the second IP in each private network is reserved for the cloudpipe instance. This gives a consistent IP to the instance so that nova-network can create forwarding rules for access from the outside world. The network for each project is given a specific high-numbered port on the public IP of the network host. This port is automatically forwarded to 1194 on the VPN instance.
If specific high numbered ports do not work for
your users, you can always allocate and associate
a public IP to the instance, and then change the
vpn_public_ip and
vpn_public_port in the
database. Rather than using the database directly,
you can also use nova-manage vpn change
[new_ip]
[new_port]
