cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fariborz Navidan <>
Subject Re: Change default egresss rule
Date Mon, 04 Nov 2019 22:02:04 GMT
I am using Advanced Networking mode. I want to block some destination CIDRs
(Egress) for some VM instances.  I have currently one shared guest network
with default egress allowed.  I want to create another shared network with
default egress denied so I can explicitly allow all outbound traffic except
those CIDRs.

When you create a new Network Offering, UI does not have any option to
choose default Egress rule for and it is dictated by zone settings.

On Tue, Nov 5, 2019 at 1:15 AM Riepl, Gregor (SWISS TXT) <> wrote:

> Hi Fariborz,
> Sorry, I don't quite understand what you're referring to.
> For Advanced Networking with a virtual router, you have to create egress
> rules yourself, using
> or the UI. The same applies to VPCs.
> On Basic Networks, you should be able to use SecurityGroups:
> The Security Group APIs are separate from the Instance APIs, so you can
> create your SG, apply egress rules, then apply the SG to the instance via
> the deployVirtualMachine securitygroupnames parameter.
> Which kind of network are you using?
> Regards,
> Gregor
> ________________________________
> From: Fariborz Navidan <>
> Sent: 04 November 2019 18:38
> To: <>
> Subject: Change default egresss rule
> Hello,
> When create a new network, there is no option to choose default egress
> rule. How can we change it before creating VM on that network?

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message