Hi,

I had a few things configured on ACS – Basic Zone – Security Groups.

Setup: 2 Citrix 6.5 hosts, Mgmt server under CentOS 6.8. Basic Networking, VMs created from template, also CentOS 6.8.

At first (default, first VM test) I could not log in using SSH. Then I created the appropriate ingress rule and all was ok. Same with ICMP (Ping) for 0.0.0.0/0.

Now I wanted to test a few things in my test environment and removed these rules, actually expecting that neither SSH nor ping would go through anymore. Unfortunately they do, so apparently rules once set are not revoked upon deletion. I would expect nothing to come through if no ingress rules are set, no matter what iptables on the VM itself does.

Tests:
- Delete all ingress rules (ping, SSH and webmin (TCP 10000))
- Disable iptables on VM ⇨ Ping, ssh went through, Webmin didn’t.
- Enable iptables on VM ⇨ Ping and ssh went through
- Insert ingress rule for webmin, iptables still enabled ⇨ Webmin times out (expected behaviour)
- Disable iptables ⇨ Webmin works

In the documentation you are pointed towards “The procedure is described in Basic Zone Configuration in the Advanced Installation Guide.” (Managing Networks and Traffic – Enabling Security Groups)

Searched for it on the Apache Site: Not found. Google gave me the “Advanced Installation Guide” from Citrix, Version 3.*.* … in which you are directed to the administration guide. Not really helpful!

Does anybody know about this / experienced something like this before?

Jeroen Keerl
Keerl IT Services GmbH
Birkenstraße 1b . 21521 Aumühle
+49 177 6320 317
www.keerl-it.com
i...@keerl-it.com
Managing Director: Jacobus J. Keerl
Register court: Lubeck, HRB no. 14511
Our general terms and conditions can be found here.