Return-Path: X-Original-To: apmail-cloudstack-dev-archive@www.apache.org Delivered-To: apmail-cloudstack-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8C1B1175EB for ; Wed, 15 Oct 2014 18:58:47 +0000 (UTC) Received: (qmail 93883 invoked by uid 500); 15 Oct 2014 18:58:47 -0000 Delivered-To: apmail-cloudstack-dev-archive@cloudstack.apache.org Received: (qmail 93832 invoked by uid 500); 15 Oct 2014 18:58:47 -0000 Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list dev@cloudstack.apache.org Received: (qmail 93803 invoked by uid 99); 15 Oct 2014 18:58:46 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Oct 2014 18:58:46 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [209.85.216.53] (HELO mail-qa0-f53.google.com) (209.85.216.53) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Oct 2014 18:58:20 +0000 Received: by mail-qa0-f53.google.com with SMTP id v10so1279089qac.26 for ; Wed, 15 Oct 2014 11:58:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:message-id:in-reply-to :references:subject:mime-version:content-type; bh=zg/cFdrMoCgc7GpSf7Op5D3etxtYlAYxy+d+RKrZJB4=; b=FL/5VzBJtEYvi201+JgkjfDGk/o09cKmOZyZxwMAgYzFwHsSlsaAc4ocThTyyG3blc rwsp3CFqkH/gOtj7HUZrhXu6cxvhK3qhM7+Q+zKgpjarWyhoxLTjRuHDHo1TXf8fhF2S rIZbnwLCDdpAnJQkKKma15FYMeVvXEdlqnOM4i8Jsfqq3FF+BFaq9VDaISYnLzB/zq14 xoqKEe631S21DoYKUwMI1EIm/frrB4L7h6yTNiMifsrJItgK0O4jihh5s04PydagmDWZ jhxtftQ+Unj6QColTNUdpAaSqKymcbdpGIJNKTsZjfqAekn2RwntqeCZpkr1KaCxsdW5 6pgg== X-Gm-Message-State: ALoCoQlNKcVAGiSlfZtWVzdPS/R6jUkC4LrX/z2GhxlG34HigczZwyjhdEpT105AlgTNZYJisSJ5 X-Received: by 10.140.42.39 with SMTP id b36mr782853qga.102.1413399498627; Wed, 15 Oct 2014 11:58:18 -0700 (PDT) Received: from terminus.local (static-108-29-37-206.nycmny.fios.verizon.net. [108.29.37.206]) by mx.google.com with ESMTPSA id 4sm18921789qax.48.2014.10.15.11.58.18 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Wed, 15 Oct 2014 11:58:18 -0700 (PDT) Date: Wed, 15 Oct 2014 14:58:17 -0400 From: Mo To: Marcus Cc: "=?utf-8?Q?dev=40cloudstack.apache.org?=" Message-ID: In-Reply-To: References:

Subject: Re: CloudStack Ports X-Mailer: Airmail (249) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="543ec3c9_19495cff_13dc" X-Virus-Checked: Checked by ClamAV on apache.org --543ec3c9_19495cff_13dc Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Yes, I understand the 192, will not be reachable from the public perspect= ive, I was just attempting to do just that, setup a VPN while at the offi= ce, but I won=E2=80=99t worry about it; I=E2=80=99ll set it up while I am= local on the home network.=C2=A0 Thanks for your help=21 =3D)=C2=A0 / Mo --=C2=A0 On October 15, 2014 at 1:56:28 PM, Marcus (shadowsor=40gmail.com) wrote: Ah, I see. I believe you'd need access to whatever IP the consoleproxy vm= is listening on. I don't actually use the console proxy vm for my purpos= es, but I don't think you need to open the vnc console or libvirt ports t= o the outside. If the console proxy works internally, you probably just d= on't have access to the console proxy vm's IP when it opens the link to r= edirect you. Are you NAT'ing to the mgmt server from outside=3F I think y= ou'd need the console proxy vm to be publicly reachable, and cloudstack s= eems to be assigning it a rfc1918 address (192.168), which you'll never b= e able to reach from the outside. Your best bet might be to set up a remo= te access VPN in your home if you want to use the system from outside, su= ch that you are treated like you are inside. Something like openVPN. On Wed, Oct 15, 2014 at 11:02 AM, Mo wrote: Would this be on the Console VM, Or from the node=3F Need to know which l= ocal IP I need to redirect it to.=C2=A0 I see in the log, it=E2=80=99s coming from 192.168.1.43 (which is console= vm) so I suspect there=3F --=C2=A0 Mo Sent with Airmail On October 15, 2014 at 1:00:12 PM, Marcus (shadowsor=40gmail.com) wrote: =46rom outside, (say from hotel, through home router, to mgmt server) you= need access to the web ui and for the web ui to have access to the api server. That would just be 8080 (UI) and 8096(API), I believe. you wouldn= 't need libvirt and the others unless you are stringing mgmt servers and hos= ts across the link. On Wed, Oct 15, 2014 at 10:43 AM, Mo wrote: > Hello, > > I=E2=80=99ve setup Cloudstack on my home server. However, it works with= out issues > locally. When I attempt to pull up console outside, it times out. I hav= e of > course enabled ports for SSH / UI, so I can setup instances, but I am n= ot > sure what else I need to permit through my router to allow all the > necessary ports to be opened. > > According to the site, I have done the following: > > 22 (SSH) > 1798 > 16509 (libvirt) > 5900 - 6100 (VNC consoles) > 49152 - 49216 (libvirt live migration) > Anything else=3F > > // Mo --543ec3c9_19495cff_13dc--