Editing Security Group Rules for OpenStack VMs

By default, OpenStack has a restrictive firewall for VMs. You will have to open up ports for your OpenStack VMS as the default OpenStack behavior closes most ports.  OpenStack security group rules must be edited (OpenStack has firewalls set up to close access and you have to tell it to relax some rules).

1. Log in to your OpenStack project through the web GUI and Go to Security Group rules.
   
   
   
   
2. You'll see a list of Security Groups. Each row in the table is a distinct Security Group. Each Security Group consists of a set of firewall rules to enable/disable network access. The table indicates that each has a name, security group ID, description, and actions. When you launch your VM, the Security Group called 'default' is applied (unless you changed it). You want to click on "Manage Rules" for the default Security Group
   
   
   
   
3. This is the set of firewall rules for the 'default' Security Group. Note that each row consists of a rule whereby Egress/Ingress indicates inbound/outbound traffic; for each row, you have the port range and IP addresses allowable for either inbound/outbound traffic. Click Add Rule to edit the security group rules. Each rule has a direction "Engress" (outbound traffic), "Ingress" (inbound traffic), IP prefix, etc.
   
   
   
   
4. You'll see a pop up window where you can specify the options for a new rule. Under the "Rule" box, choose SSH. The set of boxes will change upon this choice.
   
   
   
   
5. Double check that you have actually created the rule by looking at the Security Group page.
   
   
   
   
6. You can create a new Security Group instead of editing the Default as shown above. If you create a new Security Group, you have to apply it to your VM from the instance page: