Cannot Access UEC Cloud Server from Outside Network

We are in the early stages of doing a test deployment of the new Ubuntu Enterprise Cloud software, based on the Eucalpytus software, for possible use in our server environment.

I have successfully installed a cluster controller machine and one node. From inside our internal network using our private IP addresses (e.g. 192.168.x.x), I can access the web administration interface on the controller just fine, and I can also use SSH to access the console/command line on the controller. However, when I attempt to access either of these services from outside our local network, the connections simply time out.

I have verified that our firewall (a Cisco PIX 515E) is properly configured to allow access on the necessary ports and the proper external IP, to properly forward to the correct machine, etc. Also, a traceroute conducted using our firewall management software verifies that packets are allowed through and reach the destination properly.

Can anyone think of a reason these connections would not be working? Does UEC by default have some sort of firewall or access restrictions that would prevent access from an outside network? Are there any additional settings I need to tweak?

Any help would be most appreciated.


- Tom
Who is Participating?
TomEAAuthor Commented:
Well, I found the solution to this one. I appreciate all the help here, but it turns out that I was just an idiot. :)

During installation of UEC, if your server has more than one network interface, the software allows (and recommends) the designation of one interface/IP address as internal and one as external. I did this during installation and then promptly forgot about it, since a normal Ubuntu install does not do that.

In that setup, the server will not accept any traffic from external IP addresses on the internal interface. That is why I could connect on our local network, but not across the Internet. Once I pointed our firewall at the designated external interface, all started working normally.

Thanks again, everyone. Sorry for taking up your time with such a boneheaded mistake!

- Tom
        It seems that you need X.509 certificates to access the cloud controller.

Please have a look at this link and jump to  "STEP 5: Obtain Credentials" section.
TomEAAuthor Commented:
Thank you for the reply!

I understand that X.509 credentials are needed to access the cloud itself. However, if you look at those instructions, you'll see that it points you to the web server on the cloud controller as the place to access and download your credentials. That's also where you do the initial management of setting up the administrative user.

Accessing that web server does not require X.509 credentials. I have successfully accessed it from another machine on our local network just fine. Also, I am able to use SSH to access a console session on the server without having X.509 credentials. However, when I attempt to do so from outside our local network is when I have problems. That's what I'm trying to figure out.

Thanks again!

- Tom

In this case, try to access the machine using SSH from remote network and capture the SSH logs. It should report your connection attempt and status. Try to increase the verbose level of the log to get detailed log information.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.