[
https://issues.apache.org/jira/browse/CLOUDSTACK-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13643477#comment-13643477
]
angeline shen commented on CLOUDSTACK-2219:
-------------------------------------------
1. Bug 1: There are no ICMP rules for public IPs allocated for VMs for all
accounts.
Yet able to ping all public IPs
2. Bug 2: There are firewall rules and port forwarding rules for public IPs
allocated for VMs for all accounts.
from laptop, Able to ssh to admin's VMs public IP . This is correct
from laptop, UNAble to ssh to domain admin d1domain's VMs public IP .
This is INCORRECT
from laptop, UNAble to ssh to user d2user's VMs public IP .
This is INCORRECT
> SRX - Unable to ssh VM even when TCP port 22 rule set, able to ping VM even
> when no ICMP rule set
> -------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-2219
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2219
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Management Server
> Affects Versions: 4.2.0
> Environment: MS ACS 4.2 build 4/24/13 7:48 PM revision:
> 299cccf779f75c3ba04d9ec7303bed88394c3562
> host XS 6.0.2
> Reporter: angeline shen
> Assignee: Jayapal Reddy
> Priority: Critical
> Fix For: 4.2.0
>
> Attachments: management-server.log.gz
>
>
> MS ACS 4.2 build 4/24/13 7:48 PM revision:
> 299cccf779f75c3ba04d9ec7303bed88394c3562
> host XS 6.0.2
> 1. SRX network offering : isolated DHCP: virtual router DNS: virtual
> router firewall: SRX userdata:virtual router sourceNAT: SRX
> staticNAT: SRX portforward: SRX sourceNAT type: perzone
> 2. domain: ROOT admin
> domain: /d1 domain admin: d1domain
> domain: /d2 user: d2user
> 3. login: admin create VMs, allocate public IPs .
> for each IP, set firewall rule CIDR 0.0.0.0/0 TCP startport: 1
> endport: 8090
> set portforward rule private port range: 22 - 22 public port range: 22
> - 22 TCP assign to VM
> from external (laptop) test ping VMs and ssh to VMs
> login: d1domain repeat above steps
> login: d2user repeat above steps
> login VM public IP ping
> comment ssh comment
>
> -----------------------------------------------------------------------------------------------------------------------------
>
> admin i-2-17 10.223.123.17 succeed bug
> succeed
> admin i-2-22 10.223.123.20 succeed bug
> succeed
> d1domain i-3-18 10.223.123.18 succeed bug
> fail bug
> d1domain i-3-19 10.223.123.19 succeed bug
> fail bug
> d2user i-4-20 10.223.123.12 succeed bug
> fail bug
> d2user i-4-21 10.223.123.14 succeed bug
> fail bug
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
