Pradeep,

You can configure ingress rules too. For ex. API authorizeSecurityGroupIngress

And if you are not using security groups, then you can configure Port Forwarding/LB rules for specific ports in Isolated networks that will serve as your ingress rules.

Regards,
Gaurav

On Thu, Sep 18, 2014 at 3:20 PM, Pradeep Cloudstack <pradeepcloudst...@yahoo.com.invalid> wrote:

> Thanks Gaurav.
>
> I see that we can configure only Egress Rules for a Network. Why not Ingress Rules?
>
> -Pradeep
>
> ________________________________
> From: Gaurav Aradhye <gaurav.arad...@clogeny.com>
> To: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>; Pradeep Cloudstack <pradeepcloudst...@yahoo.com>
> Sent: Thursday, September 18, 2014 11:57 AM
> Subject: Re: Inter-network Communication
>
> Pradeep,
>
> You have not mentioned any inter-network communication here. If all departments are independent, you can have isolated network for each account and then configure FireWall Rules for the network individually according to your needs.
>
> Another option is you can use security groups in advanced zone. Have security group for each department, and then you can configure traffic for each security group. You can also specify the communication between two security groups with the help of ingress and egress rules.
>
> Regards,
> Gaurav
>
> On Thu, Sep 18, 2014 at 9:22 AM, Pradeep Cloudstack <pradeepcloudst...@yahoo.com.invalid> wrote:
>
> > I am working on a Proof-Of-Concept for a private cloud setup.
> > Here is the organizational requirement:
> > - Organization has Finance, Engineering and Marketing departments
> > - Each Dept has a Cloudstack account
> > - Each Dept has a separate network to which VMs are attached
> > - Access to the Finance Dept Network should go through Firewall security
> > - Access to the Marketing Dept Network should not go through Firewall security
> > - VMs in Engineering network can only communicate with each other but not with VMs in other networks
> >
> > The VPC feature does not help in this case as there are different accounts for each tenant
> >
> > Can you pls guide me on how I can achieve this?
> >
> > -Pradeep
> >
> > ________________________________
> > From: Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
> > To: "<dev@cloudstack.apache.org>" <dev@cloudstack.apache.org>; Pradeep Cloudstack <pradeepcloudst...@yahoo.com>
> > Sent: Wednesday, September 17, 2014 5:03 PM
> > Subject: Re: Inter-network Communication
> >
> > Hi Pradeep,
> >
> > In cloudstack create network and launch vm in that to create router.
> > To communicate between the networks depends on the network type in cloudstack.
> >
> > If you want multiple networks with single router use VPC networks/tiers and configure ACL between them.
> >
> > Isolated networks will have one router per each network. If a vm wants to communicate to other network it can be done by adding nic in that network or Create nat,firewall rules to reach vms in other network.
> >
> > Thanks,
> > Jayapal
> >
> > On 17-Sep-2014, at 4:40 PM, Pradeep Cloudstack <pradeepcloudst...@yahoo.com.INVALID> wrote:
> >
> > > In OpenStack, there is a workflow wherein user can create multiple networks, then create a router
> > > and attach to it some of the previously created networks to enable inter-network communication.
> > >
> > > What is the equivalent workflow in Cloudstack ?
> > >
> > > -Pradeep
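
The security-group option mentioned in this thread, as an added example that is not part of the original messages or CloudStack's own code: it builds a signed `authorizeSecurityGroupIngress` request whose source is a security group rather than a CIDR, so the Engineering group accepts traffic only from its own members. The endpoint, the keys and the group/account name `engineering` are constructed placeholders; nothing is sent over the network.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

# Constructed placeholders: not real credentials, accounts or endpoints.
ENDPOINT = "https://cloudstack.example.invalid/client/api"
API_KEY = "EXAMPLE-API-KEY"
SECRET_KEY = "EXAMPLE-SECRET-KEY"


def encode(params):
    """Field=value pairs sorted by field name, values URL-encoded (%20 for spaces)."""
    pairs = sorted(params.items(), key=lambda kv: kv[0].lower())
    return "&".join(f"{k}={quote(str(v), safe='*')}" for k, v in pairs)


def sign(params, secret):
    """CloudStack signature: HMAC-SHA1 over the lowercased sorted query, base64."""
    canonical = encode(params).lower()
    digest = hmac.new(secret.encode(), canonical.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def ingress_from_group(target_group, source_account, source_group,
                       protocol, start_port, end_port):
    """Ingress rule whose allowed source is a security group, with no cidrlist."""
    return {
        "command": "authorizeSecurityGroupIngress",
        "response": "json",
        "apikey": API_KEY,
        "securitygroupname": target_group,
        "protocol": protocol,
        "startport": start_port,
        "endport": end_port,
        "usersecuritygrouplist[0].account": source_account,
        "usersecuritygrouplist[0].group": source_group,
    }


def signed_url(params, secret=SECRET_KEY):
    """Full GET URL with the signature appended as the last parameter."""
    signature = quote(sign(params, secret), safe="")
    return f"{ENDPOINT}?{encode(params)}&signature={signature}"


# Hypothetical group and account names for the Engineering department:
# members accept TCP only from other members of the same group.
ENGINEERING_RULE = ingress_from_group(
    "engineering", "engineering", "engineering", "TCP", 1, 65535)

if __name__ == "__main__":
    print(signed_url(ENGINEERING_RULE))
```

Because the rule names a source group instead of a CIDR, VMs in the Finance or Marketing groups get no path in unless a separate rule is added for them.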