I cannot figure out how to de-select SECURITY_GROUPS=0 (default) for my VMs. No matter what I do, ‘default security group’ is always added when VM starts. I triple-checked that VM template doesn’t have ‘default’ for either interface (via GUI and via Advanced template edit), template only lists my custom sec. groups (i.e. SECURITY_GROUPS=‘ID’ in NIC, not 0).
When VM starts, SECURITY_GROUPS=0 is always added in addition to my custom defined sec. groups (but ‘default’ is NOT on the list). I can see all SECURITY_GROUPS in SECURITY_GROUP_RULE section of running VM’s template.
My default sec group allows inbound/outbound, which is OK for most VMs (I have network firewall as well).
Few VMs need better in/out control, so I though defining custom sec. groups, and un-selecting default for those VMs should do it…
Is ‘default’ added no matter what? Do I have to remove in/out rules in ‘default’ and create custom sec. groups for all VM templates?