Bug 1302370 - [Documentation] Firewall error when appliance is connected to multiple networks
Summary: [Documentation] Firewall error when appliance is connected to multiple networks
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Documentation
Version: 5.5.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.9.0
Assignee: Red Hat CloudForms Documentation
QA Contact: Red Hat CloudForms Documentation
URL:
Whiteboard: doc
: 1302369 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-01-27 15:59 UTC by Sergio Ocón-Cárdenas
Modified: 2018-10-09 00:05 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: When you install CF 5 in RHEV and you are using more than one network, the default firewall is configured for eth0 and does not take into account those multiple networks Consequence: Firewall error when appliance is connected to multiple networks Fix: Steps to add the new nic to the manageiq firewall zone: 1- Add new networki (management network), assuming eth1 2- Log into the appliance and add the new interface to the manageiq zone using command: firewall-cmd --zone=manageiq --add-interface eth1 3- Now the new nic, eth1, has been added to the manageiq firewall zone: firewall-cmd --list-all Result:
Clone Of:
Environment:
Last Closed: 2018-10-09 00:05:38 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Sergio Ocón-Cárdenas 2016-01-27 15:59:47 UTC 
Description of problem:
When you install CF 5 in RHEV and you are using more than one network, the default firewall is configured for eth0 and does not take into account those multiple networks

Version-Release number of selected component (if applicable):
5.5.0.13.20151201120956_653c0d4 

How reproducible:
Tested in a customer

Steps to Reproduce:
1. Import the appliance with eth0
2. Add new network (management network)
3. Connection to RHEV does not refresh, it is stuck when you refresh states

Actual results:
Data is not received unless you disable firewall

Expected results:
Firewall is configured in the appliance when executing IP configuration to allow connection

Additional info:
Customer is using a production environment where appliance is connecting using eth0 (production network), but the manager is connected through a different environment (RHEV-M is in another VLAN that the production network)
When you add eth1 you need to disable firewall to make it work.
Comment 3 Shveta 2016-02-01 21:32:20 UTC 
Assigning to add test case
Comment 4 Joe Vlcek 2016-02-03 21:20:13 UTC 
*** Bug 1302369 has been marked as a duplicate of this bug. ***
Comment 5 Joe Vlcek 2016-02-03 21:45:46 UTC 
Can you please try to add the new interface to the manageiq firewall zone?

Steps to add the new nic to the manageiq firewall zone:
1- Add new networki (management network), assuming eth1

2- Log into the appliance and add the new interface to the manageiq zone using command:
      firewall-cmd --zone=manageiq --add-interface eth1

3- Now the new nic, eth1, has been added to the manageiq firewall zone:  
      firewall-cmd --list-all

Please let us know if this solves the issue.
Comment 7 Sergio Ocón-Cárdenas 2016-02-11 07:28:35 UTC 
Customer has tested the solution and and the problem has been solved.
This case can be closed

Thanks,
Sergio
Comment 8 Lucy Bopf 2016-05-26 02:26:28 UTC 
Moving to NEW to be reviewed as the schedule allows.
Comment 9 Andrew Dahms 2018-10-09 00:05:38 UTC 
Thank you for raising this bug.

We have evaluated this request, and while we recognize that it is a valid request for the documentation, we do not expect this to be implemented in the product in the foreseeable future. We are therefore closing this out as WONTFIX. 

If you have any concerns about this, please feel free to contact Andrew Dahms.
Note You need to log in before you can comment on or make changes to this bug.