[
https://issues.apache.org/jira/browse/CLOUDSTACK-324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13475220#comment-13475220
]
edison su commented on CLOUDSTACK-324:
--------------------------------------
You can disable security group, if you don't want it. To disable security
group, ref:
http://download.cloud.com/releases/3.0.0/CloudStack3.0.0-3.0.2InstallGuide.pdf,
page 49, DefaultSharedNetworkOfferingWithSGService
> Cannot edit default security group rules, default security group blocks all
> inbound traffic.
> --------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-324
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-324
> Project: CloudStack
> Issue Type: Bug
> Affects Versions: pre-4.0.0
> Reporter: Max Clark
> Assignee: Wido den Hollander
> Labels: iptables, network, security
> Fix For: 4.1.0
>
>
> When configuring basic networking, by default the network is created with the
> "DefaultSharedNetworkOffering". This offering does not have a security group.
> No inbound traffic is allowed to the created VMs. Reading the AdminGuide
> documentation:
> "Each CloudStack account comes with a default security group that denies all
> inbound traffic and allows all outbound traffic. The default security group
> can be modified so that all new VMs inherit some other desired set of rules."
> If a network is created without a security group, it shouldn't have a
> security group and all inbound/outbound traffic should be allowed - or at the
> very least the default security group should be able to be configured.
> http://www.cloudstack.com/forum/8-storage-and-networking/7054-vm-instance-cant-be-accessd-using-basic-networking.html?limit=6&start=6#7084
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
