Hi,
We have created few tenants in our VIO infrastructure. There are few routers on each tenant. By default the Firewall rule of the edge router managing the tenant VMs is "Deny" . I am modifying the firewall rule from "Deny" to "Accept" from NSX interface available from the vCenter but I see that this rule changes in a day or two.
Can you please guide how to permanently set the Firewall rule of the edge router managing the Tenant subnets to "Accept".
Thanks
Ratnajit
It sounds like you haven't adjusted the rules for the default security group on the OpenStack side. You can do this via the CLI or from Horizon:
1.) Click on Compute -> Access & Security
2.) Click on the "Security Groups" tab
3.) Click on the "Manage Rules" button for the "default" security group
4.) You should now see a list of rules and buttons to add new ones or delete existing ones. For example, you can click on the "Add Rule" button, select "All TCP" from the "Rule" dropdown, and click "Add" to allow all TCP traffic for instances using the default security group.
Documentation on the equivalent CLI's can be found here:
OpenStack Docs: Networking service (neutron) command-line client
It sounds like you haven't adjusted the rules for the default security group on the OpenStack side. You can do this via the CLI or from Horizon:
1.) Click on Compute -> Access & Security
2.) Click on the "Security Groups" tab
3.) Click on the "Manage Rules" button for the "default" security group
4.) You should now see a list of rules and buttons to add new ones or delete existing ones. For example, you can click on the "Add Rule" button, select "All TCP" from the "Rule" dropdown, and click "Add" to allow all TCP traffic for instances using the default security group.
Documentation on the equivalent CLI's can be found here:
OpenStack Docs: Networking service (neutron) command-line client
Hi,
Thanks a lot.
This helped us to set the Firewall is set to "Accept".
Regards
Ratnajit