Re: Private and public network access with secuity groups
Hi, It seems that currently there is no way to have both a public network with security groups on one interface (eth0) and an isolated network as a secondary interface (eth1) on one instance at the same time. Does anyone know if this is a planned feature? Thanks. Best Regards, Tomas Leypold On Thursday, May 02, 2024 15:27 CEST, "Tomas Leypold" wrote: > Hi, > In our current in-home libvirt-based solution, we can spin up instances that > have access to the public network (public IP addresses) and a private VLAN > network on a secondary interface. Am I correct in understanding that it > currently isn't possible to have an advanced private network (isolated > network with NAT) and at the same time have access to the public network > secured by security groups on the secondary interface, as you can with some > public cloud providers? Is the closest approach to achieve this through a > static NAT with firewall rules? > Thanks. > --- > Best Regards, > Tomas Leypold > >
Private and public network access with secuity groups
Hi, In our current in-home libvirt-based solution, we can spin up instances that have access to the public network (public IP addresses) and a private VLAN network on a secondary interface. Am I correct in understanding that it currently isn't possible to have an advanced private network (isolated network with NAT) and at the same time have access to the public network secured by security groups on the secondary interface, as you can with some public cloud providers? Is the closest approach to achieve this through a static NAT with firewall rules? Thanks. --- Best Regards, Tomas Leypold
Advice about advanced zone with security groups
Hi, I am new to CloudStack and am trying to create a POC. I am having a problem with Core/Advanced with security groups enabled. With security groups enabled, it seems that the system VM can't connect to the internet. I am getting a "No route to host (Host unreachable)" message in the default template, which I think is because there is no "Public traffic type" with security groups. So, does the advanced zone with security groups work differently than advanced without security groups? I couldn't find anything in the docs, and all the tutorials I found are using advanced without security groups which is working fine for me. Thanks! Regards, Tomas Leypold