Exposing and blocking public Internet access to VMs

Contents

Overview of default settings

By default, Skytap virtual networks have the following settings:

Access type Status
Outbound (egress) access to the public Internet
  • Enabled for Skytap Cloud customer accounts. This means that virtual machine can access the public Internet. To disable this, see Controlling outbound Internet access.
  • Disabled for free, 30-day trial accounts. This means that virtual machines in the account cannot access the public Internet. To request outbound Internet access, contact our sales team at 1-888-759-8278, and select option 2.
Inbound (ingress) access from the public Internet
  • Disabled for VMs in all accounts. This means that you cannot access the virtual machine from the public Internet. To enable inbound access, see Controlling inbound Internet access.

Controlling inbound Internet access

Enabling inbound access to a VM or environment from the public Internet

There are several options for enabling ingress access to a VM or environment from the public Internet.

Access method Description
Sharing portal Gives browser-based, remote access to the VM (or multiple VMs in the same environment) via HTTPS port 443 on cloud.skytap.com.
The sharing portal can be password-protected and customized to restrict access based on permissions or time limits. The VM ports are not directly exposed to the public Internet.
For more information, see Sharing VMs and environments with sharing portals.
Published service Opens a single port on the VM, allowing direct inbound and outbound access for a specific protocol (for example, RDP or SSH) over the public Internet.
For more information, see Accessing VMs with published services.
Public IP address Exposes all network ports on the VM, allowing direct inbound and outbound access from the public Internet.
There are two public IP address options:

Published services and public IP addresses require an automatic network to work. If an environment you want to expose is controlled by a manual network, you’ll need to add an automatic network to the environment and additional network adapters connected to the new network. For more information, see Using multiple networks in an environment.

Exposing your environment to the public Internet makes your VMs less secure. Please see Protecting a VM that is exposed to the internet or compromised article for information on best practices.

Disabling inbound access to a VM or environment from the public Internet

To disable inbound access to a VM or environment from the public Internet, remove any:

Controlling outbound Internet access

Blocking outbound access to the public Internet from VMs in an environment
  1. Navigate to the Environment page.

    Environment Details page

  2. Make sure that VMs are suspended or powered off.
  3. Click Networking: Settings. The Network Settings page displays. NETWORK SETTINGS PAGE
  4. Select Disable outbound Internet traffic for virtual machines in this environment. Network Settings

Notes

  • The VMs may still have outbound access to the public Internet if you are using one of the access methods discussed above (Enabling inbound access to a VM or environment from the public Internet).
  • If the network is connected to a VPN or Private Network Connection, outbound connections are permitted over that network. Check with your network administrator if you need to adjust your VPN or Private Network Connection settings.

Enabling outbound access to the public Internet from VMs in an environment

If you are using a free, 30-day trial account, outbound Internet access is disabled. This means that virtual machines in the account cannot access the public Internet. To request access, contact our sales team at 1-888-759-8278, and select option 2.

To enable outbound Internet access for the VMs in an environment
  1. Navigate to the Environment page.

    Environment Details page

  2. Make sure that VMs are suspended or powered off.
  3. Click Networking: Settings. The Network Settings page displays. network settings page
  4. Clear the Disable outbound Internet traffic for virtual machines in this environment checkbox. Network Settings

If you cannot access the public Internet from a VM after changing this setting, see Issue: I can’t access the Internet from my VM.