firewall

Wiki for reference: https://pve.proxmox.com/wiki/VNC_Client_Access I'm looking into adding this to some of my VMs to make them more accessible. However, I'd like to isolate the VNC network from Proxmox MGMT in general. I've run into a few issues so far, and I'm not quite sure the best...

Hello, I am having a hard time accessing my Proxmox server. I have one router sitting between my computer and the Proxmox. The Proxmox is connected through 1 physical cable to the router, which is configured as a VLAN trunk port with VLAN 10 and 30 configured. For VLAN 10, I am using the network...

I have a user on my cluster that I want to give permission to edit their own vnet firewall rules. I created a separate SDN zone for them as I don’t see a way to give permissions on just a single vnet. I can give them permission to use that SDN zone, but I can’t find a way to give them access to...

i have a problem with the pve fw: i have the fw activated on my cluster, host and vm so i create a fw rule on my host: source: https://www.cloudflare.com/de-de/ips/ destination: myip/24 even in my /etc/pve/nodes is the entry IN DROP -source +dc/cloudflare-v4 -dest +dc/packets-ipv4-network...

Hi Everyone, could you please give an advice how to configure my network? Looks like I got stuck. I have Proxmox server and I install OPNsense firewal as a VM inside PVE. After that I passthrough a 2 NIC PCIe network card derectly to the VM. OPNsense (firewall) work perfectly with all...

Hello, I have tap/fwbr/fwpr/fwln interfaces for each VM interface although I have Proxmox firewall disabled on cluster, node and all vms. I have enabled the firewall once, but disabled it again. Example: # ip a|grep 104 22: tap104i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc...

Hi folks. Apologies in advance - I am very much a Windows person from a professional perspective, but am "tinkering" with ProxMox and VMs, etc. at home for a personal home setup - mostly as I wanted to set up a dedicated Satisfactory server (which is working perfectly fine - including the port...

I'm setting up Proxmox server with pfSense as a VM to act as the main gateway/firewall. The system is in a remote location with a single ISP connection in passthrough mode providing a public IP. My concern: If the pfSense VM becomes inaccessible, I could lose remote management access to the...

Moin zusammen, ich habe gestern einen neuen Proxmox-Node (PVE8.3) in einem abgeschotteten Netzsegment standalone in Betrieb genommen. Ich habe auf dem Node die iptables Firewall ein- und ausgehend für die dort laufenden VMs aktiviert (Default DROP). Für das Monitoring dieses Netzes nutzen wir...

Hi, By enabling cluster firewall (we have one node), we can't do asymmetric bgp routing in a VM, since Proxmox drops the invalid packets (even when firewall is disabled for a VM) We want to have firewall enabled, but since invalid packets are only forwarded towards the bridge and not the VM...

Hello everyone, I'm having issues with service discovery, after enabling firewall on my LXC (smb with configuration for time machine*). Everything else is working, aside from the server discovery after enabling firewall on the lxc. Service discovery works again, after disabling the firewall on...

Hi everyone, I'm planning to set up MAC filtering for IPv4 traffic in my Proxmox live cluster and aim to use ebtables and ipset where necessary, but I would like to primarily rely on Proxmox's built-in GUI features for easier management. As I'm still learning Proxmox's firewall system and...

Hey all I'm fresh in Proxmox. Is proxmox support "Service Chaining" or something equivalent? I have my own firewall (VM that enforce some security policy rules). Can I chain it in the traffic flow, such that packet that? A very simple example of a service chain would be one that forces all...

Hello, I have 2 VMs running on a single Proxmox server. on all VMs I have: $ nmap -Pn -p 22 10.10.21.117 Starting Nmap 7.95 ( https://nmap.org ) at 2024-11-16 22:01 PST Nmap scan report for 10.10.21.117 Host is up (0.000086s latency). PORT STATE SERVICE 22/tcp filtered ssh Nmap done: 1...

Hi there! VMs can't ping route after pve restart networking.service and won't able to reconnect automaticlly. I have to toggle firewall flag of network device net0( enable firewall if it is disable, vice versa) to resume VM's network. Impacted VMs' system are debian12 and win10. Neither...

Hi, ich habe einen Proxmox Server mit öffentlicher IPv4 (standalone, kein Cluster) und habe in der Proxmox Firewall in der Datacenter Ebene den Port 8006 freigegeben. Ebenso auf der Node Ebene den Port 8006. Hat das Auswirkungen auf die VMs, sodass alle Ports (außer 8006) in den VMs geblockt...

Hi all, I am running into this issue: I set up the Proxmox Firewall for each level (Datacenter, my node and each container), but everytime I try to enable the Firewall on each level I lose connection to every container, but not the node interface. I am allowing the port I need on every host...

I have docker installed in a debian LXC container on my Proxmox host. I want to utilise Proxmox's firewall on that container to improve the security of my setup. Proxmox - 10.5.0.64 Unprivileged LXC - 10.5.0.66 Docker Container - 10.5.0.57 (macvlan bound to eth0) I have a container...

I just attended a VMUG where they brought in a heavy hitter that quite effectively made the case for their new product VMware vDefend Distributed Firewall (formerly known as VMware NSX Distributed Firewall). The primary focus of my job is getting us off of VMware, so I don't care about his...

Hi, I have an issue with network configuration on my Proxmox server. I really want to have remote access to the configuration panel, the NAS server, Homebridge and VM hosted on the server. The problem is my Internet provider, who won't provide me with a public IP address. I don't have a static...