Joining the Conversation
Cato Professional ServicesHi Christian,
I hope the info is still useful as it has been a while since you asked.
Here is a working example of a module to achieve what you require.
Currently it seems we need to update the provider as it requires us to give a value for "primary_cato_pop_ip" when in this example it is not actually needed. If you just use any allocated IP from your account it should suffice.
module "ipsec-generic-ha-fully-customized" {
source = "catonetworks/ipsec-generic/cato"
ha_tunnels = false
site_name = "My-Cato-IPSec-Site-ha"
site_description = "IPSec Example Site"
native_network_range = "172.100.0.0/24"
primary_cato_pop_ip = "216.252.178.46" # Currently required but will be removed in a future version of the module, you can use the IP of any Cato IP address in your accounts Allocation.
primary_pop_location_id = "19" # Primary POP Location ID (e.g., 19 for London)
cato_local_networks = ["10.41.0.0/16", "10.254.254.0/24"]
peer_networks = ["servers:172.100.0.0/24", "desktops:172.100.1.0/24"]
peer_primary_public_ip = null
peer_secondary_public_ip = null
cato_connectionMode = "RESPONDER_ONLY"
primary_destination_type = "FQDN"
cato_identificationType = "FQDN"
downstream_bw = 100
upstream_bw = 100
site_location = {
city = "New York City"
country_code = "US"
state_code = "US-NY"
timezone = "America/New_York"
}
}
