cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jayapal Reddy (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-2219) SRX - Unable to ssh VM even when TCP port 22 rule set, able to ping VM even when no ICMP rule set
Date Fri, 10 May 2013 04:57:15 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13653546#comment-13653546
] 

Jayapal Reddy commented on CLOUDSTACK-2219:
-------------------------------------------

Please attach SRX configuration. Router iptables rules will not help much because router is
not acting as firewall here .
>From SRX cli run 'show configuration | display set'  and attach the configuration here.
                
> SRX - Unable to ssh VM even when TCP port 22 rule set, able to ping VM even when no ICMP
rule set
> -------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2219
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2219
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.2.0
>         Environment: MS  ACS 4.2  build    4/24/13 7:48 PM     revision:  299cccf779f75c3ba04d9ec7303bed88394c3562

> host   XS  6.0.2  
>            Reporter: angeline shen
>            Assignee: Jayapal Reddy
>            Priority: Critical
>             Fix For: 4.2.0
>
>         Attachments: management-server.log.gz
>
>
> MS  ACS 4.2  build    4/24/13 7:48 PM     revision:  299cccf779f75c3ba04d9ec7303bed88394c3562

> host   XS  6.0.2  
> 1. SRX network offering :  isolated  DHCP: virtual router   DNS: virtual router   firewall:
SRX   userdata:virtual router   sourceNAT: SRX    staticNAT: SRX   portforward: SRX   sourceNAT
type: perzone
> 2. domain:  ROOT    admin
>    domain:   /d1         domain admin:  d1domain  
>    domain:   /d2         user:     d2user
> 3.  login:  admin    create VMs,  allocate public IPs . 
>     for each IP,  set firewall rule    CIDR  0.0.0.0/0    TCP    startport: 1  endport:
8090
>     set portforward rule   private port range: 22 - 22  public port range: 22 - 22  
TCP   assign to VM  
>     from external (laptop)   test ping VMs   and ssh to VMs   
>     login:  d1domain    repeat above steps
>     login:  d2user        repeat above steps
>       login             VM              public IP             ping         comment  
ssh         comment
>     -----------------------------------------------------------------------------------------------------------------------------
  
>       admin          i-2-17        10.223.123.17        succeed    bug           succeed
   
>       admin          i-2-22        10.223.123.20        succeed    bug           succeed
   
>       d1domain     i-3-18        10.223.123.18        succeed    bug           fail 
         bug
>       d1domain     i-3-19        10.223.123.19        succeed    bug           fail 
         bug
>       d2user         i-4-20        10.223.123.12        succeed    bug           fail
          bug
>       d2user         i-4-21        10.223.123.14        succeed    bug           fail
          bug
>     

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message