Thanks Gaurav. I see that we can configure only Egress Rules for a Network. Why not Ingress Rules?

-Pradeep

________________________________
From: Gaurav Aradhye <gaurav.arad...@clogeny.com>
To: "dev@cloudstack.apache.org" <dev@cloudstack.apache.org>; Pradeep Cloudstack <pradeepcloudst...@yahoo.com>
Sent: Thursday, September 18, 2014 11:57 AM
Subject: Re: Inter-network Communication

Pradeep,

You have not mentioned any inter-network communication here. If all departments are independent, you can have an isolated network for each account and then configure Firewall Rules for each network individually according to your needs.

Another option is to use security groups in an advanced zone. Have a security group for each department, and then you can configure traffic for each security group. You can also specify the communication between two security groups with the help of ingress and egress rules.

Regards,
Gaurav

On Thu, Sep 18, 2014 at 9:22 AM, Pradeep Cloudstack <pradeepcloudst...@yahoo.com.invalid> wrote:

> I am working on a Proof-Of-Concept for a private cloud setup.
> Here is the organizational requirement:
> - Organization has Finance, Engineering and Marketing departments
> - Each Dept has a CloudStack account
> - Each Dept has a separate network to which VMs are attached
> - Access to the Finance Dept Network should go through Firewall security
> - Access to the Marketing Dept Network should not go through Firewall security
> - VMs in Engineering network can only communicate with each other but not with VMs in other networks
>
> The VPC feature does not help in this case as there are different accounts for each tenant
>
> Can you pls guide me on how I can achieve this?
>
> -Pradeep
>
> ________________________________
> From: Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
> To: "<dev@cloudstack.apache.org>" <dev@cloudstack.apache.org>; Pradeep Cloudstack <pradeepcloudst...@yahoo.com>
> Sent: Wednesday, September 17, 2014 5:03 PM
> Subject: Re: Inter-network Communication
>
> Hi Pradeep,
>
> In CloudStack, create a network and launch a VM in it to create the router.
> Communication between the networks depends on the network type in CloudStack.
>
> If you want multiple networks with a single router, use VPC networks/tiers and configure ACLs between them.
>
> Isolated networks will have one router for each network. If a VM wants to communicate with another network, it can be done by adding a NIC in that network or by creating NAT, firewall rules to reach VMs in the other network.
>
> Thanks,
> Jayapal
>
> On 17-Sep-2014, at 4:40 PM, Pradeep Cloudstack <pradeepcloudst...@yahoo.com.INVALID> wrote:
>
> > In OpenStack, there is a workflow wherein a user can create multiple networks, then create a router
> > and attach to it some of the previously created networks to enable inter-network communication.
> >
> > What is the equivalent workflow in CloudStack?
> >
> > -Pradeep