@@ -934,7 +934,7 @@ function _configure_neutron_l3_agent {

     Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE

     if is_service_enabled q-vpn; then

-        cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini $Q_VPN_CONF_FILE

+        neutron_vpn_configure_agent

     fi

     cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE

@@ -12,6 +12,13 @@ IPSEC_PACKAGE=${IPSEC_PACKAGE:-"openswan"}

 function neutron_vpn_install_agent_packages {

     install_package $IPSEC_PACKAGE

+    if is_ubuntu && [[ "$IPSEC_PACKAGE" == "strongswan" ]]; then

+        sudo ln -sf /etc/apparmor.d/usr.lib.ipsec.charon /etc/apparmor.d/disable/

+        sudo ln -sf /etc/apparmor.d/usr.lib.ipsec.stroke /etc/apparmor.d/disable/

+        # NOTE: Due to https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1387220

+        # one must use 'sudo start apparmor ACTION=reload' for Ubuntu 14.10

+        restart_service apparmor

+    fi

 }

 function neutron_vpn_configure_common {

@@ -19,6 +26,18 @@ function neutron_vpn_configure_common {

     _neutron_deploy_rootwrap_filters $NEUTRON_VPNAAS_DIR

 }

+function neutron_vpn_configure_agent {

+    cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini $Q_VPN_CONF_FILE

+    if [[ "$IPSEC_PACKAGE" == "strongswan" ]]; then

+        iniset_multiline $Q_VPN_CONF_FILE vpnagent vpn_device_driver neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver

+        if is_fedora; then

+            iniset $Q_VPN_CONF_FILE strongswan default_config_area /usr/share/strongswan/templates/config/strongswan.d

+        fi

+    else

+        iniset_multiline $Q_VPN_CONF_FILE vpnagent vpn_device_driver neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver

+    fi

+}

+

 function neutron_vpn_stop {

     local ipsec_data_dir=$DATA_DIR/neutron/ipsec

     local pids