diff --git a/source/_static/images/firewall_rule_in_vpc.png b/source/_static/images/firewall_rule_in_vpc.png new file mode 100644 index 0000000000..449a2dafeb Binary files /dev/null and b/source/_static/images/firewall_rule_in_vpc.png differ diff --git a/source/adminguide/networking/virtual_private_cloud_config.rst b/source/adminguide/networking/virtual_private_cloud_config.rst index 219f4ea7f4..a325b29df7 100644 --- a/source/adminguide/networking/virtual_private_cloud_config.rst +++ b/source/adminguide/networking/virtual_private_cloud_config.rst 
@@ -940,6 +940,34 @@ function only if they are defined on the default network. #. Select the tier and the destination Instance, then click Apply. +.. _adding-firewall-rules-on-a-public-IP-address-in-a-VPC: + +Adding Firewall rules on a public IP address in a VPC +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In a VPC, once the public IP address is acquired, you can create firewall rules +for the public IP address. Firewall rules are created to allow traffic from +specified source CIDRs to a tier through the selected public IP address. For +example, you can create a firewall rule to allow SSH or HTTP traffic to the Web +tier. + +#. Log in to the CloudStack UI. +#. In the left navigation, choose Network. +#. In the Select view, select VPC. +#. Enter Public IP addresses section and click on the + Public IP Address to which you want to add firewall rules. +#. Click the Firewall Rules tab, which will appear only if the public IP address is associated with a tier. +#. Click Add Firewall Rule and specify the following: + + - *Source CIDR* - The CIDR that defines the source of the traffic. + + - *Protocol* - The protocol that defines the type of traffic. + + - *Start Port* and *End Port* - The port range that defines the destination of the traffic. + If you are opening a single port, use the same number in both fields. + + |firewall_rule_in_vpc.png| + Adding Load Balancing Rules on a VPC ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -1502,3 +1530,5 @@ is not required. :alt: button to remove a VPC .. |restart-vpc.png| image:: /_static/images/restart-vpc.png :alt: button to restart a VPC +.. |firewall_rule_in_vpc.png| image:: /_static/images/firewall_rule_in_vpc.png + :alt: Firewall rule in VPC.
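Review bot: The *Source CIDR* bullet in the new "Adding Firewall rules on a public IP address in a VPC" section says only "The CIDR that defines the source of the traffic", and nothing in the section states how traffic to the public IP is treated before any rule exists or whether the field takes more than one CIDR (the introduction says "specified source CIDRs", plural). Because the introduction's own example is opening SSH or HTTP to the Web tier, please add a sentence on the default behaviour and the accepted input format, and advise keeping the source range as narrow as the use case allows. Two smaller points in the same hunk: the steps go from "In the Select view, select VPC" straight to "Enter Public IP addresses section" without a step for opening the VPC that owns the address, and the heading capitalises "Firewall" while the body uses "firewall rules" and the neighbouring heading "Adding Load Balancing Rules on a VPC" is in title case.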
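Review bot: The alt text on the new |firewall_rule_in_vpc.png| substitution in the last hunk ends with a full stop ("Firewall rule in VPC.") while the context lines directly above it ("button to remove a VPC", "button to restart a VPC") do not. Drop the trailing period for consistency, and consider alt text that says what the screenshot shows, for example that it is the Add Firewall Rule form on the Firewall Rules tab.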