ellohir's profile - activity

2014-06-30 11:10:51 -0600 received badge  Taxonomist
2013-09-20 13:32:09 -0600 received badge  Famous Question (source)
2013-09-19 03:18:04 -0600 received badge  Enthusiast
2013-09-19 03:18:03 -0600 received badge  Enthusiast
2013-09-13 09:20:34 -0600 commented answer Accessing instances inside a proxy via VPN

Got VNC access! The instances don't have ip adresses and can't access the network, nor can I access or ping them, but it's something. Thanks a lot :)

2013-09-13 09:19:42 -0600 received badge  Scholar (source)
2013-09-07 13:21:02 -0600 received badge  Notable Question (source)
2013-09-07 03:07:41 -0600 commented answer Accessing instances inside a proxy via VPN

Thanks for your answer! So I need to open port 6080 but to which IP? The controller node or a floating ip? My public IP is the proxy and I can't access that machine. Cloud Pipe looks fine but ultimately I want to give access to many users to their different instances so it's not what I need.

2013-09-07 03:00:17 -0600 received badge  Supporter (source)
2013-09-07 02:10:33 -0600 received badge  Popular Question (source)
2013-09-06 05:12:35 -0600 asked a question Accessing instances inside a proxy via VPN

Hi, I'm trying to do my final university degree project on OpenStack. This is my first experience but I chose to do it because it's a great piece of software with a bright future. Anyway, this is my network arquitecture problem.

My current problem is I cannot SSH or VNC my way into my instances. My current situation is something like this:

http://i.imgur.com/qntOGOh.png (this)

I'm using a VPN to connect to my university network. There, I have a proxy machine I access with the internal university DNS. That machine has a port redirection so that when I connect to a specific port it redirects it to the internal machines. The proxy connects me to the specific SSH ports on them (and another one for controller's node 80 port to see the dashboard). Everything uses fixed IPs, the top network on this diagram is my "connection" network, and the bottom one is the "work" network for the machines to communicate.

http://i.imgur.com/J62FgGK.png (this diagram)

The thing is, when I try a VNC console from the dashboard, it starts a client who tries to connect to "192.168.x.x", which in my local network doesn't exist (the green clouds on this image).

http://i.imgur.com/bYhYnXC.png (this image)

There is no way right now I can access that internal IP from my browser.

Via SSH, I can't seem to access the instances either. They don't respond to ping or SSH, even when I've set up the security group. I have a floating IP network connected to a router and to the "public" network (which is just the network with the proxy machine). Like this:

http://i.imgur.com/IhYQB4Y.png (this)

though that gateway is completely made up as I don't have a link between the top and bottom networks.

So... Any ideas on how can I reach my instances? I've read that the compute nodes can't reach the instances by design, but it was a spare phrase on an article. And the VMs are supposed to be able to be reached by the users anyway, so I'm guessing we'd need a more permisive configuration on the proxy machine... Which I don't have access to and I'd have to ask my teacher to modify.

Any help or ideas would be greatly appreciated :)