Search results

  1. R

    intel wireless ac 9260 is not working my proxmox version is 5.2-1

    what kernel are you using? It should be supported by >4.14, and yet some higher kernels have problems with binary firmware for this card (iirc 4.16)...
  2. R

    Setting two NICs, one for host, one for VMs with bridge and NAT

    That is quite logical. You used your only IP to PVE-management, that's right. But how would you like to use NAT for VMs? How should the local IP be "translated"? To what? There is no IP remaining. So you need one more...
  3. R

    Setting Proxmox behind Opnsense Firewall

    It is possible, but I do not recommend it at all. If your VM-firewall goes down (and does not start), you have no way to fix it, except going to your server and using its console (or wipe it out and re-install completely). Bad things do happen sometimes, OPNsense-update can be screwed...
  4. R

    Configure Pfsense with a Public IP Single

    If your server is collocated somewhere remotely, then it is even more important to have remote access configured properly. I'm actually using 3 eth-adapters, as my server has kvm-port too. But KVM & PVE are protected by dedicated hw-firewall. My setup looks like this (simplified):
  5. R

    Configure Pfsense with a Public IP Single

    By "MV" you mean "VM" (virtual machine)? If it is so, then you have (what I consider as) very dangerous configuration. I would never recommend routing access to PVE management interface (web, ssh) over VM (be it pfSense or whatever). It is very bad idea... As a bare minimum, I recommend to have...
  6. R

    problem with apc ups

    Seems to me like your serial-port is not properly configured (speed/flow)...
  7. R

    Configure Pfsense with a Public IP Single

    What have iptables to do with pfSense? If you decided to use pfSense as gateway for your VMs (which imho is the right solution), disable all iptables-rules and let pfSense do the job...
  8. R

    ZFS causes high load, unable to figure out why

    maybe you do not have enough "randomness", in other words your system has low entropy? Check it with: cat /proc/sys/kernel/random/entropy_avail Try to observe this value while writing to disk with if=/dev/urandom It is difficult to find optimum values (except for "the more, the better), but...
  9. R

    [SOLVED] Proxmox secure firewall?

    Proxmox-firewall is just front-end for iptables. Do not expect too much of it. It is a little better than esxi-firewall, but still very "basic" and some of advanced features are not directly accessible. Anyway, serious filtering should be always offloaded away from proxmox-host. Filtering...
  10. R

    How to disable corosync

    If you want to have a few hosts in cluster, then you have to let pmxcfs running. Devs promised to optimize it, but as it seems, not much has changed. The only thing you can do is to get two very good sata-doms. Hope they hold a little longer than my SLC-based usb-stick (died within a few months)...
  11. R

    Memory Issue

    I think OPN is reporting only memory used by applications (without buffers/disk-cache). Just log in to OPN-vm, and check "free"...
  12. R

    Is It Best Practice To Use Proxmox Firewall or Firewall In VM?

    Your answer was about (sic) "Any firewall". BTW, even if we consider only packet filters, you are still wrong because IPtables can do DPI too (although not so effective as app-firewall due to packet fragmentation). Based on the content of the packet it can decide if it lets packet pass, or not...
  13. R

    Small Server Setup

    My own opition: 1. hw is good, but if you can, get more RAM. 16GB is too little even for all those VMs/containers. 2. forget hw-raid/mdadm/lvm-raid, use zfs-raid (did I say more RAM?). 3. Do not install proxmox on usb/cf/sd (variant 1), not even 2x in raid1. Proxmox is not like ESXi (loads...
  14. R

    Is It Best Practice To Use Proxmox Firewall or Firewall In VM?

    Have you ever heard of "application firewall"? If you have, then you know how badly you are wrong...
  15. R

    [SOLVED] Firewall problems . . .

    That might be your problem. How do you want to guarantee your web/ssh-client will use 8006 (or "xxxxx") sorce-port? That's virtually impossible. Source-ports used by web/ssh-clients are random, anything between 1024 and 65k. You might restrict it more tightly (i.e. 10k-65k), but still you do...
  16. R

    pfSense on Proxmox - 500mbps on 1G line

    Not sure if this is relevant, but unlike Linux, BSD-based OS use 1 core/cpu for routing. Check this throughput-test: on the same hardware IPFire (Linux) si always faster, than pfSense (BSD)...
  17. R

    Docker support in Proxmox

    Small (but important) update for Proxmox (on ZFS) & Docker from STH-folks: https://www.servethehome.com/setup-docker-on-proxmox-ve-using-zfs-storage/ Original guide: https://www.servethehome.com/creating-the-ultimate-virtualization-and-container-setup-with-management-guis/
  18. R

    Is It Best Practice To Use Proxmox Firewall or Firewall In VM?

    As with everything, you can achieve it in many ways. For example I'm checking my firewall logs with fail2ban and if it finds pre-defined patterns, it takes care of banning IP with invalid traffic. In case of unfinished 3way handshake there is "connection died" or something like that (don't...
  19. R

    Is It Best Practice To Use Proxmox Firewall or Firewall In VM?

    True, but only if those packets come to a few opened ports. I think the more I reduce this chance, the better... Moreover, I do not use icmp at all (very unsecure protocol) and udp is strictly limited to dn-replies only for my clients. Then it is much easier to deal with tcp (i.e. for web)...
  20. R

    Cisco ASA FW Vs Proxmox FW

    Cisco ASA ist much more than "just" a firewall. It is fully-fledged adaptive security appliance. Not the best on the market imho, but still very good. Resources-hungry, expensive, but also very effective (with valid subscription, of course). Using it just for nat/vlan is like using...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!