TANGO Cloud VMs use firewalld by default, by default minimal ports will be open. To get a list of the ports that are open you can use the below command.

firewall-cmd --list-ports

 To know what zone you are running in you can run....

firewall-cmd --get-active-zone

 To list all the available zones you can run...

firewall-cmd --get-zones 

 In order to open ports on TANGO Cloud VMs you need to use the firewall-cmd command from the terminal with the "--add" option. When using this command you also need to define a zone for the rule to apply within. For example to open port 80 for http traffic in the public zone. (using the public zone is usually the option if you want to be able to access your server via SSH and not via the TANGO Cloud console) 

firewall-cmd --zone=public --add-port=80/tcp 

 IMPORTANT NOTE: when using the above command the rule gets added to the current runtime environment, this means that as soon as you reboot the machine that rule will be lost. To fix this issue adjust the command as below.

firewall-cmd --permanent --zone=public --add-port=80/tcp

 After adding rules to firewalld please run the command to reload the firewall

firewall-cmd --reload

 For further documentation on the use of firewalld, please go to their website: http://www.firewalld.org/documentation/ 

PLEASE NOTE: Using UFW or IPTables will have adverse effects. 

Did you find this information useful? Share your feedback here.