Error: Certificate already in trust store

That might cause you problems with migration down the line (you may have to use pull mode rather than push), but shouldn’t prevent you getting trusted access.

Are you able to try adding trust from a client on the same subnet as the existing server, to rule out the ipsec tunnel?

Unfortunately, no. That is the only remote server set up to use LXD.

For now I was able to get past this by using push mode from the server to the client.

So you were able to use lxc from the existing server back to the new server? I thought 192.168.1.111 couldn’t open connections to 172.16.1.5? Bit confused now.

Sorry for the confusion. I set up a port forward on the client side (public IP NAT to 172.16.1.5). This way 192.168.1.111 was able to reach 172.16.1.5 temporarily (bypassing the IPsec tunnel).

It turns out that the ‘time’ of the client was incorrect. After fixing that, I was able to add the remote server.

Ah good, glad you resolved it. I wonder if the Go HTTPS handler can be made to log a more useful error…