Thanks Wei! Another thing, can I set a default firewall rule? For egress, I’ll check the networking offering
Thanks, Irvin > On Oct 21, 2021, at 4:44 PM, Wei ZHOU <ustcweiz...@gmail.com> wrote: > > Hi SVI, > > It looks like you do use an advanced zone. > > If your users create vm on isolated networks, please see my first reply. > If your users create vm on shared networks, firewall/ingress/egress rule is > not supported in cloudstack. You need to configure the firewall in vms. > > -Wei > > On Thu, 21 Oct 2021 at 10:15, SVI <jcapagc...@svi.com.ph > <mailto:jcapagc...@svi.com.ph>> wrote: > I’m currently using 4.15.2, Zone and cluster is XenServer, XCP-NG 8.2.0. > > Additional details: > > Zone: > Network Type: Advanced > Security Groups: Disabled > 2 Physical Networks > <Screen Shot 2021-10-21 at 4.10.39 PM.png> > > Pod: > <Screen Shot 2021-10-21 at 4.12.12 PM.png> > > Cluster: > <Screen Shot 2021-10-21 at 4.13.04 PM.png> > > Host: > > > Thanks, > Irvin > >> On Oct 21, 2021, at 3:59 PM, Wei ZHOU <ustcweiz...@gmail.com >> <mailto:ustcweiz...@gmail.com>> wrote: >> >> Hi, >> >> As I said, please give more details. Otherwise, it is hard to answer >> your questions. >> >> for example, zone type, network type, hypervisor ... >> >> -Wei >> >> >> >> On Thu, 21 Oct 2021 at 09:49, SVI <jcapagc...@svi.com.ph >> <mailto:jcapagc...@svi.com.ph>> wrote: >> >>> Hi Wei, >>> >>> Unfortunately, I am not using advanced zone. And yes, the Cloudstack UI >>> (4.15.2) is exposed to users. >>> >>> Thanks. >>> >>>> On Oct 21, 2021, at 2:37 PM, Wei ZHOU <ustcweiz...@gmail.com >>>> <mailto:ustcweiz...@gmail.com>> wrote: >>>> >>>> Hi, >>>> >>>> I assume you use isolated networks in advanced zone. >>>> the firewall rule list is empty by default, egress rule can be "allow >>> all" >>>> or "deny all" per network(check 'default egress policy' of network >>> offering) >>>> >>>> Do you expose cloudstack api/ui to users ? It's better to give more >>> details. >>>> >>>> -Wei >>>> >>>> On Thu, 21 Oct 2021 at 02:52, SVI <jcapagc...@svi.com.ph >>>> <mailto:jcapagc...@svi.com.ph>> wrote: >>>> >>>>> Hi, >>>>> >>>>> I need help in setting up default networking for new users that will >>>>> create an instance. I wanted it to have a default firewall rule and >>> default >>>>> egress rule so they don’t need to set it up on initial creation of >>>>> instance. How can I do this? >>>>> >>>>> Thanks. >>> >>> >
