cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Xerex Bueno <xbu...@LPSIntegration.COM>
Subject Re: Public IP Addressing in a Advanced Zone behind a Firewall
Date Thu, 03 Apr 2014 21:09:04 GMT
So you will not be able to NAT the public IPs to the vRouter.  If you do
NAT them it will become a mess for management, not to mention you reduce
the effectiveness of Cloudstack as a cloud management tool.  You need to
expose that block to your WAN switch of which the public interface will
need to connect to.  If you really wanted to put a firewall in front you
would need to place it in transparent mode which would allow you to create
policies to control traffic.

On 4/3/14, 1:59 PM, "Fred Newtz" <> wrote:

>Public IP addresses confuse me the most in a Cloudstack install.  I have a
>Firewall that is hosting all of my public IP addresses now.  The
>server is supposed to sit behind a NAT device to protect it from attack.
>How am I supposed to assign public IP addresses to virtual machines
>(virtual routers) inside of the NAT device? I have not seen any clear
>documentation on how this is supposed to be configured to make everything
>work correctly.  Where do I assign my IP addresses and how do I get them
>through the firewall correctly?
>I just purchased a Juniper SRX100 device (will be a small deployment).
>Will installing this help manage the Public IP situation easier (and even
>automatic)?  If anyone has any suggestions on what I should search for to
>solve this issue that would be great.  Explaining would be even better.


This document is PROPRIETARY and CONFIDENTIAL and may not be duplicated, redistributed, or
displayed to any other party without the expressed written permission of LPS Integration,
Inc. If you are not the intended recipient and have received this email in error, please destroy
the email and contact the LPS Integration Security Officer at 866-577-2902 (Phone), 615-349-9009
(Fax) or 230 Great Circle Rd. Suite 218 Nashville, TN 37228 (US Mail)

View raw message