weizhouapache commented on issue #8936: URL: https://github.com/apache/cloudstack/issues/8936#issuecomment-2067734815
> @weizhouapache > Thanks for the update, We can either add a public ip interface to the management server and configure that IP on the endpoint url or do a NAT route on 192.168.10.120 IP and configure public ip on the endpoint url. Our concern is that we need our management ui to be accessed only internally. So configuring public IP on management network we will have to take care of additional security... What is your advice for best practice... However, user vms should be unable to access the management network, otherwise it is a more severe security issue. You can add some firewall rules for the public ip of the management IP. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
