Hi Jon,
For normal isolated networks the ingress rules are on the firewall
configuration option under each individual public IP address – as oppose to
egress rules which apply to the whole network.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 06/07/2018, 12:17, "Jon Marshall" <jms....@hotmail.co.uk> wrote:
Quick update re question 2) - where
I created a VPC and added a static NAT and it worked as expected. I think
this may well be because with VPCs you can configure both ingress and egress
rules whereas with a guest isolated network I don't seem to have the ingress
option.
________________________________
From: Jon Marshall <jms....@hotmail.co.uk>
Sent: 06 July 2018 09:26
To: users@cloudstack.apache.org
Subject: Isolated network and ingress rules
Have setup advanced network 4.11 KVM and it seems to be a lot more
intuitive than basic networking (at least to me 😊)
Just a couple of quick questions -
1) when I add a new isolated network with source NAT through the UI no
matter what I enter in the Guest gateway and Guest netmask boxes it just uses
the initial CIDR block I specified when building the zone. And it reuses this
for every new isolated network.
Is this normal behaviour ?
2) I tried to add a static NAT for one of the VMs in an isolated network. I
know the mapping works because a "curl icanhazip.com" returns the static IP
rather than the one used by all the other VMs but I cannot connect to the
statically mapped VM from outside.
When I go to the Network details in the UI I have egress rules I can edit
but no ingress rules tab.
Again is this to be expected and if it is any pointers on how to get it
working.
Thanks
dag.sonst...@shapeblue.com
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
