You could create a network offering with only DNS, DHCP & UserData services and also the Specify VLAN option enabled, then use this to create a guest network with public IPs. You would need to ensure the chosen IP Range and VLAN Zmaps through to a physical router.
Alternatively you could try the Static NAT feature. This maps a public IP to a single guest VM. You just need to acquire an additional IP first. Regards Geoff Higginbottom CTO / Cloud Architect D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel:+442036030540>| M: +447968161581<tel:+447968161581> geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com> |www.shapeblue.com<htp://www.shapeblue.com/> | Twitter:@shapeblue<https://twitter.com/#!/shapeblue> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS<x-apple-data-detectors://5> On 20 Dec 2013, at 09:28, "Francesco Maria Magnini" <fmm1...@gmail.com<mailto:fmm1...@gmail.com>> wrote: Thanks for the clarification, it makes sense. So far I have instances attached to the 10.1.1.0/24 guest network, and I have Internet connection through the Virtual Router source-NAT feature. But now, I would like to take one public IP and configure it directly on one instance. Do I need a different range from the one assigned right now to the SSVM? Or can I use for simplicity the same public network subnet declared during advanced zone creation? On Fri, Dec 20, 2013 at 10:16 AM, Geoff Higginbottom < geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com>> wrote: The VR is configured to not respond to pings, probably a anti DDOS measure. If you restart the VR it will respond to pings whilst it is booting, but then the security policies kick in and the responses stop. Regards Geoff Higginbottom CTO / Cloud Architect D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: +442036030540> | M: +447968161581<tel:+447968161581> geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com><mailto:geoff.higginbot...@shapeblue.com> | www.shapeblue.com<http://www.shapeblue.com><htp://www.shapeblue.com/> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS<x-apple-data-detectors://37> On 20 Dec 2013, at 08:46, "Francesco Maria Magnini" <fmm1...@gmail.com<mailto:fmm1...@gmail.com> <mailto:fmm1...@gmail.com>> wrote: Where should I add a firewall rule, manually using iptables inside the Virtual Router? Consider that I have no firewall in my network layout preventing ICMP to reach the Virtual Router. On Fri, Dec 20, 2013 at 1:57 AM, Andrei Mikhailovsky <and...@arhont.com<mailto:and...@arhont.com> <mailto:and...@arhont.com>>wrote: Francesco, I believe you need to add a firewall rule to allow ingress ICMP traffic. Once allowed you should be able to ping it. Andrei ----- Original Message ----- From: "Francesco Maria Magnini" <fmm1...@gmail.com<mailto:fmm1...@gmail.com><mailto: fmm1...@gmail.com<mailto:fmm1...@gmail.com>>> To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org><mailto:users@cloudstack.apache.org> Sent: Thursday, 19 December, 2013 11:23:37 PM Subject: Re: [Advanced Zone] Isolated Source NAT issue (NAT not working) Hi Geoff, I've added a "permit all" egress rule (source 0.0.0.0/0 ALL) and now guest VMs can connect to Internet. Is it normal that the Virtual Router is still not reachable through the public network? I cannot ping its public IP address (other 2 public SSVM are pingables). Regards On Thu, Dec 19, 2013 at 7:12 PM, Geoff Higginbottom < geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com><mailto:geoff.higginbot...@shapeblue.com>> wrote: Francesco, Have you enabled egress rules to allow outbound traffic for guest VMs If you are trying to ping the public IP of the VR it will not respond due to security settings, however the SSVM and CPVM do respond. Regards Geoff Higginbottom CTO / Cloud Architect D: +44 20 3603 0542<tel:+442036030542> | S: +44 20 3603 0540<tel: +442036030540>| M: +447968161581<tel:+447968161581> geoff.higginbot...@shapeblue.com<mailto:geoff.higginbot...@shapeblue.com><mailto:geoff.higginbot...@shapeblue.com <mailto:geoff.higginbot...@shapeblue.com |www.shapeblue.com<http://www.shapeblue.com><http://www.shapeblue.com><htp://www.shapeblue.com/> | Twitter:@shapeblue< https://twitter.com/#!/shapeblue> ShapeBlue Ltd, 53 Chandos Place, Covent Garden, London, WC2N 4HS<x-apple-data-detectors://5> On 19 Dec 2013, at 18:04, "Francesco Maria Magnini" <fmm1...@gmail.com<mailto:fmm1...@gmail.com> <mailto:fmm1...@gmail.com> <mailto:fmm1...@gmail.com>> wrote: Hi guys, I cannot ping internet from VMs. Pinging from Virtual Router is ok. In addition, SSVM are reachable from outside (storage/proxy ssvm) through addresses configured in public network range, Virtual router is not reachable (but can ping internet). Any idea? -- "I videogiochi non influenzano i bambini. Voglio dire, se pac-man avesse influenzato la nostra generazione, staremmo tutti saltando in sale scure, masticando pillole magiche e ascoltando musica elettronica ripetitiva..." (Kristian Wilson, Nintendo Inc, 1989) This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. -- "I videogiochi non influenzano i bambini. Voglio dire, se pac-man avesse influenzato la nostra generazione, staremmo tutti saltando in sale scure, masticando pillole magiche e ascoltando musica elettronica ripetitiva..." (Kristian Wilson, Nintendo Inc, 1989) -- "I videogiochi non influenzano i bambini. Voglio dire, se pac-man avesse influenzato la nostra generazione, staremmo tutti saltando in sale scure, masticando pillole magiche e ascoltando musica elettronica ripetitiva..." (Kristian Wilson, Nintendo Inc, 1989) This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark. -- "I videogiochi non influenzano i bambini. Voglio dire, se pac-man avesse influenzato la nostra generazione, staremmo tutti saltando in sale scure, masticando pillole magiche e ascoltando musica elettronica ripetitiva..." (Kristian Wilson, Nintendo Inc, 1989) This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
