Yes, I understand the 192, will not be reachable from the public perspective, I was just attempting to do just that, setup a VPN while at the office, but I won’t worry about it; I’ll set it up while I am local on the home network.
Thanks for your help! =) / Mo -- On October 15, 2014 at 1:56:28 PM, Marcus (shadow...@gmail.com) wrote: Ah, I see. I believe you'd need access to whatever IP the consoleproxy vm is listening on. I don't actually use the console proxy vm for my purposes, but I don't think you need to open the vnc console or libvirt ports to the outside. If the console proxy works internally, you probably just don't have access to the console proxy vm's IP when it opens the link to redirect you. Are you NAT'ing to the mgmt server from outside? I think you'd need the console proxy vm to be publicly reachable, and cloudstack seems to be assigning it a rfc1918 address (192.168), which you'll never be able to reach from the outside. Your best bet might be to set up a remote access VPN in your home if you want to use the system from outside, such that you are treated like you are inside. Something like openVPN. On Wed, Oct 15, 2014 at 11:02 AM, Mo <m...@daoenix.com> wrote: Would this be on the Console VM, Or from the node? Need to know which local IP I need to redirect it to. I see in the log, it’s coming from 192.168.1.43 (which is console vm) so I suspect there? -- Mo Sent with Airmail On October 15, 2014 at 1:00:12 PM, Marcus (shadow...@gmail.com) wrote: From outside, (say from hotel, through home router, to mgmt server) you need access to the web ui and for the web ui to have access to the api server. That would just be 8080 (UI) and 8096(API), I believe. you wouldn't need libvirt and the others unless you are stringing mgmt servers and hosts across the link. On Wed, Oct 15, 2014 at 10:43 AM, Mo <m...@daoenix.com> wrote: > Hello, > > I’ve setup Cloudstack on my home server. However, it works without issues > locally. When I attempt to pull up console outside, it times out. I have of > course enabled ports for SSH / UI, so I can setup instances, but I am not > sure what else I need to permit through my router to allow all the > necessary ports to be opened. > > According to the site, I have done the following: > > 22 (SSH) > 1798 > 16509 (libvirt) > 5900 - 6100 (VNC consoles) > 49152 - 49216 (libvirt live migration) > Anything else? > > // Mo
