Hi! I think your facing a bug already discussed here. After reloading (imho doesn't matter if you check "clean up") the network, the egress rules are applied. So just reload every net with egress rules :)
Oh and don't know if that made it already to https://github.com/apache/cloudstack/issues so if you would be so kind to open an issue? cheers, - Stephan Am Dienstag, den 10.04.2018, 10:43 +0200 schrieb Martin Emrich: > Hi! > > I upgraded my test cluster from 4.9 to 4.11. The default policy for > isolated networks is "Deny". > > But now, adding rules to allow egress traffic are not applied to the > virtual router. adding a 0.0.0.0/0 rule looks fine from the UI, but does > not appear in the iptables output on the VR.
Description: This is a digitally signed message part