rajujith commented on issue #7483: URL: https://github.com/apache/cloudstack/issues/7483#issuecomment-1531004270
@assistanz247 by the current design, the network ACL in a VPC is applicable at the tier side, hence the public port is not filtered by the ACL. It is allowing the traffic since the private port 3389 is allowed as per the ACL rule. In order to filter the traffic based on the public port, we may have to introduce an ACL for public interfaces on the VPC in addition to the VPC tier ACLs in use. Another way to handle this specific scenario would be by introducing a destination CIDR field in the ACL item where the destination VM guest IP could be configured.
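The evaluation order described in the comment above, as an added example that is not part of the original comment and is not CloudStack code: a simplified Python model where the tier ACL is checked after port forwarding, alongside the two proposed changes. All IPs, the public port 50000, and the `dst_cidr` and `public_acl` names are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

PUBLIC_IP = "203.0.113.5"            # constructed VPC public IP

@dataclass(frozen=True)
class PortForward:                   # public port on PUBLIC_IP -> guest VM port
    public_port: int
    guest_ip: str
    private_port: int

@dataclass(frozen=True)
class AclItem:
    src_cidr: str
    port: int
    action: str                      # "allow" or "deny"
    dst_cidr: Optional[str] = None   # hypothetical field (second proposal)

# Constructed rules: two VMs in one tier, both listening on private port 3389.
FORWARDS = [PortForward(3389, "10.1.1.10", 3389),
            PortForward(50000, "10.1.1.20", 3389)]
TIER_ACL = [AclItem("0.0.0.0/0", 3389, "allow")]
TIER_ACL_DST = [AclItem("0.0.0.0/0", 3389, "allow", dst_cidr="10.1.1.10/32")]
PUBLIC_ACL = [AclItem("0.0.0.0/0", 3389, "allow")]

def match(acl, src_ip, dst_ip, port):
    """First matching item decides; anything unmatched is denied."""
    for item in acl:
        if ip_address(src_ip) not in ip_network(item.src_cidr):
            continue
        if item.port != port:
            continue
        if item.dst_cidr and ip_address(dst_ip) not in ip_network(item.dst_cidr):
            continue
        return item.action
    return "deny"

def admit(src_ip, public_port, tier_acl, public_acl=None):
    """Decision for a packet sent to PUBLIC_IP:public_port."""
    # First proposal: an ACL on the public interface sees the public port.
    if public_acl is not None and \
            match(public_acl, src_ip, PUBLIC_IP, public_port) != "allow":
        return "deny"
    pf = next((f for f in FORWARDS if f.public_port == public_port), None)
    if pf is None:
        return "deny"                # no port-forwarding rule for this port
    # Current design: the tier ACL only sees the translated guest IP and port.
    return match(tier_acl, src_ip, pf.guest_ip, pf.private_port)
```

In this model the tier ACL alone cannot tell the two forwards apart, because both arrive at the tier as private port 3389; either proposed change restores the distinction.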
