How to Manage Firewalls Per Instance in OCI?

I need some help understanding how firewalls are supposed to work in OCI.

My setup: multiple instances on the same subnet. When I go into an instance → networking → select subnet → security → Default Security List for the VCN → Security rules, the changes I make don’t seem to behave as expected.

Example: on one instance I tried opening specific ports, but they still didn’t respond. I even tried allowing all inbound traffic, but connections still failed. On the OS level I disabled ufw and flushed iptables to rule out host-side blocking, but no luck.

What I’m trying to achieve:

  • Be able to manage each server’s firewall separately, since they will run different services and ports.
  • Avoid one instance’s firewall rules affecting the others.

Questions:

  1. Are Security List rules applied at the subnet level for all instances?
  2. Is there a way to apply firewall rules per instance instead of per subnet?
  3. What’s the best practice if I want each server to have its own firewall management, independent from the others?

Appreciate any clarification.
