Connectivity to VM - SSH working but not HTTP

T

thelastwilson

New Member
Oct 23, 2023
2
0
1
Hello Proxmox forum

I've recently setup a proxmox server as a test environment but having a challenge with connectivity. I can SSH to the VM but can not get HTTP to work despite the service being active and responding within the VM.

This is the bridge that I'm using:
Code: 
auto vmbr0
iface vmbr0 inet dhcp
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0
        metric 200

1698059456641.png

And I can successfully SSH to the VM, but I can not connect to the HTTP server except locally on the VM.

Code: 
[root@VM1 ~]# wget 10.138.174.63
--2023-10-23 11:56:52--  http://10.138.174.63/
Connecting to 10.138.174.63:80... connected.

root@proxmox:~# wget 10.138.174.63
--2023-10-23 16:41:41--  http://10.138.174.63/
Connecting to 10.138.174.63:80... failed: No route to host.

root@proxmox:~# ping 10.138.174.63
PING 10.138.174.63 (10.138.174.63) 56(84) bytes of data.
64 bytes from 10.138.174.63: icmp_seq=1 ttl=64 time=0.090 ms
64 bytes from 10.138.174.63: icmp_seq=2 ttl=64 time=0.050 ms
^C

root@proxmox:~# ssh user@10.138.174.63 hostname
user@10.138.174.63's password:
VM1

There's no firewall on the VM, as far as I can tell the Firewall is disabled in proxmox. The service is definitely running publically

Code: 
[root@dhruvatest-foreman crwilson]# netstat -natlp | grep httpd
tcp6       0      0 :::80                   :::*                    LISTEN      802/httpd
tcp6       0      0 :::443                  :::*                    LISTEN      802/httpd

Maybe I'm missing something but I can't see why I'm not able to connect to the VM's web server.
 
Hi,
a few things you might want to check are:
  1. Are you trying to connect to the correct host/VM? Maybe check the output of ip neigh.
  2. Double check that you have no duplicate IP addresses.
  3. Double check that there are no iptables rules interfering with your traffic, iptables-save will dump the rules.
  4. Double check via tcpdump connected to the interface in the VM if the wget requests are correctly incoming on that interface.
 
  • Like
Reactions: thelastwilson
Thank-you.

I was confident with 1,2 and .... half of 3.

With `tcpdump` I managed to confirm the traffic was hitting the VM but getting blocked by a firewall. I'd already checked iptables and nftables but it turns out firewalld was running.

I'm going to set my password to a value from /dev/random and go hide in the data center cupboard for awhile.
 
thelastwilson said:
Thank-you.

I was confident with 1,2 and .... half of 3.

With `tcpdump` I managed to confirm the traffic was hitting the VM but getting blocked by a firewall. I'd already checked iptables and nftables but it turns out firewalld was running.

I'm going to set my password to a value from /dev/random and go hide in the data center cupboard for awhile.
Click to expand...
Glad you were able to solve the issue, please note that it is not recommended to run an additional firewall directly on the host. There are special anti lock-out rules defined for the PVE firewall, which are not present if you use other solutions. So this might cause issues if you are not setting these manually.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back