Hi Felipe, Very Strange.
1) I assume the communication on the private IP is fine between VR and VMs? 2) What's version of ACS and hyper-visor? Just a small suggestion: VRs are bit strange creatures in ACS world.....just try to do clean network restart so it will create a brand new VR. Rebooting this way have solved few network related issues for me in past. -- Makrand On Mon, Jan 9, 2017 at 12:08 AM, Felipe Arturo Polanco < felipeapola...@gmail.com> wrote: > Hi Makrand, > > Thanks for the information. > > I have acquired and assigned the public IP to the VM and with tcpdump I can > see the packets coming into the public interface but they never get out via > the private interface in the Virtual Router. > > When I do a whatsmyip query on the VM I see it still uses the VR Public IP > for getting Public access. > > I double checked the iptables rules and I can see the Static NAT rules > being present in the chains for the acquired IP so it still a mystery why > the packets are not going out to the private NIC and the VM traffic still > uses the Source NAT instead of Static NAT for egress communication. > > My egress rules for the network are allow ALL in 0.0.0.0/0 > > On Sun, Jan 8, 2017 at 12:44 PM, Makrand <makrandsa...@gmail.com> wrote: > > > Hi Felipe, > > > > Have a look at below screenshot which will help you to navigate to > firewall > > menu for static NAT:- > > > > https://snag.gy/u2goXN.jpg > > > > 1) Once you acquire a new public IP (static NAT) you need to hook it to > VM > > behind that network. > > > > 2) If you think you've set everything right (as like above) and if things > > still aren't working, then run tcpdump on VR interface (eth2 mostly) > where > > your public IP is hooked. See you're getting any packets at all on that > > public IP from your source IP for desired ports. If not, then you need > to > > configure ports properly at physical firewall for public IP. > > > > -- > > Makrand > > > > > > On Sat, Jan 7, 2017 at 6:55 AM, Felipe Arturo Polanco < > > felipeapola...@gmail.com> wrote: > > > > > Hi, > > > > > > Can anyone provide me a link to how to adjust the firewall with static > > Nat > > > of a virtual router? > > > > > > My VMs can get access to the Internet via the virtual router but when I > > > assign a public IP via static Nat nothing happens, looks like the > > firewall > > > is not allowing outside communication. > > > > > > I put some rules on the static IP like icmp 8,0 or tcp port 22 but no > > > response. > > > > > > I'm using the default isolated network offering with nat. > > > > > > Any guest? > > > > > >
