The VR is setup to explicitly drop all traffic and then only allow traffic of TCP/UDP/ICMP to be enabled.
I believe this is on the roadmap though, if its not supported already in 4.4: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Region+level+VPC+and+guest+network+spanning+multiple+zones https://cwiki.apache.org/confluence/display/CLOUDSTACK/OVS+distributed+routing+and+network+ACL HTH On Wed, Aug 13, 2014 at 7:34 PM, Steve Searles <ssear...@zimcom.net> wrote: > Anyone know the secret to making pptp server work through a virtual > router. The IP PROT 47 (GRE) seems to not be handled correctly. I have > not dug into the VR any further to troubleshoot, thought I would ask here > and see if there was a quick answer. I have not tried a static nat inside > a vpc yet but I assume that may work. Running CS 4.3.0/Advanced > Networking. (Egress rule 0.0.0.0/0 any) ingress firewall open for ports > 1-65535 and port forwarding for 1-65535 for testing.I know we can just use > the l2tp vpn on the VR and essentially accomplish the same thing, however > this particular application relies on the Microsoft RAS services and > therefore needs to be terminated on the VM instance itself. > > Thanks. > > >