Re: Multilevel NAT with private networks

Tue, 19 Sep 2023 17:06:49 -0700

Perhaps it's the late hour, but I am still not sure I understood your "common network" and "branch network", but I feel like I very vaguely got it. Anyway, you cannot port forward to a VM not in that respective network, as such it would be complicated if not impossible to do what you want.
If I were you and I had real shortage of IPs, I'd perhaps set up a new network, maybe shared or L2, put a linux/opnsense/etc in there, assign public IP and port forward from it to VMs you'd connect in the same or different shared or L2 network (all hooked up to your custom router). 

hth

On 2023-09-19 23:43, Emil Karlsson wrote:

Hi,

Thanks for the quick response.

My bad, I meant Isolated networks.

The idea was to be able to isolate some VMs if needed by putting them
in the "branch" isolated network, "under" the root network, as
described in my previous email.

(Which means two port forwarding would be needed)

Now, it seems that I am not able to port forward from one isolated
network to another isolated network. And thus i was wondering if this
is even possible in CloudStack? Or if I can achieve similar results in
some other way?

To recap, it is ideal for us to be able to access any VM in the group
of isolated network using one public IP.

Best regards,
Emil

On Tue, Sep 19, 2023, 22:19 Nux <[email protected]> wrote:


Hello Emil,

I am not sure I follow.
What type of networks are those? Isolated networks, shared networks
or
L2 networks? Or VPC tiers/networks?

On 2023-09-19 10:40, Emil Karlsson wrote:

Hi all,

We're currently using CloudStack as a deployment platform, and I

am

interested to know if it's possible to port forward from one

private

network to another private network.

Our use case:
We have a common network, and a private networks as "branches"

(both

are of
type "Private networks" in CloudStack's terminology), where a VM

can

exist
in the common network an thus port forwarding is only required in

the

main
router -> VM. But they can also exist in any branch underneath,

such

that a
port forwarding rule is needed from root -> branch router -> VM.

As

below:

internet --- > common network  --- > private network 1
- vm 1                           - vm 3
- vm 2                           - vm 4

The reason for this, is that it would require only one Public IP
address.
However, it appears I am an unable to do this, as the create
portforwardingrule requires a vmID in the network.

Is their some way to achieve this using only CloudStack?

Best regards,
Emil Karlsson
kthcloud






















					Reply via email to