VNC port not open in firewall

asked 2015-01-27 23:50:03 -0500

I trying to setup a 3 node juno on CentOS and most part it is successful. Issue what I am facing is the VNC console access through the Horizon dashboard. I figured the issue is with the iptables on compute node refusing the connection. The workaround I used is to put a firewall rule on compute node to allow the ports 5900-5999.

iptables -A IN_public_allow -p tcp --match multiport --dports 5900:5999 -j ACCEPT

But my question is this should be added to the rules dynamically by nova, right? Am I missing something?

Thanks RV

on centos did you turn of the selinux or the builtin firewall if security is not a big concern for your lab.

No, selinux is enabled and iptables in on. I believe these are required since compute dynamically create rules.

2 answers

answered 2015-04-30 02:55:41 -0500

updated 2015-05-03 10:53:05 -0500

UPDATE 05/03/2015

Would you perform RDO Juno(Kilo)deployment via packstack,it disables firewalld and enables 
ipv4 iptables firewall automatically.


Another approach to switch to ipv4 iptables firewall manually

service iptables save 
systemctl stop firewalld
systemctl disable firewalld
systemctl start iptables
systemctl enables iptables

Update /etc/sysconfig/iptables as needed

systemctl restart  iptables
systemctl status iptables
I was trying the fully manual installation and was missing the firewall part.

answered 2015-04-29 22:23:14 -0500

The issue was caused by the firewalld on Centos7. I disabled it and then VNC console start working.

Asked: 2015-01-27 23:50:03 -0500

Seen: 2,853 times

Last updated: May 03 '15