You can run this on you PVE host:
iptables -P FORWARD ACCEPT
docker installed on PVE host would change the forward default policy to drop, which before was accept;
I don't know why or how, but after change the forward default policy to accept, firewall is ok
Hi, I have configured firewall cluster-wide, those are my two security group:
1. vm-default: which is default for management network
2. mcsgw-sg: which is for public network
on my two vms, the Firewall configurations are the same;
but I can ping one of the vm's public ip, the other cannot...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.