That's not you check it, CentOS 7 now comes with firewalld and the iptables-services are not installed by defaut. "iptables-save" will output the current state of the firewall
-- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "Sean Lair" <sl...@ippathways.com> > To: users@cloudstack.apache.org > Sent: Saturday, 6 February, 2016 22:56:23 > Subject: RE: Guest VMs cannot access Internet > Thanks for the response! the iptables service is currently stopped: > > # systemctl stop iptables > Failed to stop iptables.service: Unit iptables.service not loaded. > > -----Original Message----- > From: Nux! [mailto:n...@li.nux.ro] > Sent: Saturday, February 6, 2016 4:13 PM > To: users@cloudstack.apache.org > Subject: Re: Guest VMs cannot access Internet > > Hi Sean, > > Have you double checked iptables rules are correct (or disabled) on the > underlying KVM hypervisor? > > Lucian > > -- > Sent from the Delta quadrant using Borg technology! > > Nux! > www.nux.ro > > ----- Original Message ----- >> From: "Sean Lair" <sl...@ippathways.com> >> To: users@cloudstack.apache.org >> Sent: Saturday, 6 February, 2016 21:47:19 >> Subject: Guest VMs cannot access Internet > >> Hi all, >> >> I'm having an issue I'm hoping you can assist with. Brand new >> Cloudstack 4.8 deployment running on CentOS7 and KVM hypervisors. >> Using advanced networking with VLAN isolation. >> >> Deploying new VMs using the default CentOS5.5 instance works great. >> The virtual router is deployed as expected to perform source NAT. If >> I log into the virtual router, it can ping the Internet and the guest >> VMs. The guest VMs can ping each other as they are on the same >> subnet. The virtual router has an Internet public IP it is using for Source >> NAT. >> >> The guest VMs however cannot access the Internet. Under the public IP >> address [Source NAT] -> Firewall, I'm allowing 0.0.0.0/0 ICMP with >> "-1" for ICMP Type and code. For the Egress rules for the guest >> network, I have 0.0.0.0/0 All protocols and All ports. I can ping the >> outside of the virtual router (public >> IP) from the Internet. >> >> From my troubleshooting above I'm guessing it is something to do with >> the virtual router, but am not sure how to troubleshoot next. >> >> Thanks in advance for any assistance. >> >> Thanks > > Sean
