firewall

I seriously don’t understand what Proxmox is doing here, and I could use a reality check. Here’s my exact setup: 1. Datacenter Firewall ON Policies: IN = ACCEPT, OUT = ACCEPT, FORWARD = ACCEPT One rule: IN / ACCEPT / vmbr0.70 / tcp / myPC → 8006 (WebGUI Leftover as i had IN = REJECT before)...

Having issues with VLAN connectivity on my Proxmox setup. My Ubuntu VM is getting an IP address, but it cannot reach the internet. I’m trying to figure out if my VLAN config is wrong or if I'm missing a route/gateway somewhere. Also vlan are set in OPNsense. Here’s my...

Hello everyone, I am currently trying proxmox with opnsense as a VM and trying to understand more the VLAN functions und firewall rules. I have made a config and it is working but I am asking myself why some things work and some don't. Maybe one of you can answer them. 1. Why am I able to...

Hi all, I don't understand how ebtables work on PVE firewall and I don't find good documentation about that. I've enabled firewall on my VMs and LXC containers, but it seems that it's only filtering Layer3 packets (iptables, I guess). And what I'd like to do is to filter protocols operating at...

This is probably a newbie question as I am not familiar with the setup yet but what i basically want to achieve is: I have a single Proxmox Installation with one node. I have a container that acts as a gateway for all incoming connections. That also works as I have a IP Filter on my router (I am...

I'm sure this is going to be a painfully beginner question and I apologize from the start: I'm attempting to expose a single VM to 8080 and 443. Unfortunately, networking is not my strong suit. I have two rules assigned to it, set up as shown here: (and then for HTTPS the source port is set...

Hi Proxmox team, I’d like to suggest an improvement for the Proxmox Firewall: the ability to define firewall rules not only based on static IP addresses, but directly on VM objects. The idea is to create rules that reference virtual machines by their name, ID, or tags — similar to how it’s...

Hello, I am having trouble configuring the Vnet Firewall. I have set up a PoC with two hosts. There is one VM on each host, each of which has a service interface and another interface for the NAS. Two VLANs are configured, one for the service and another for the NAS. The intention is that the...

Hello everyone, I'm a beginner when it comes to networks and servers, so I decided to buy an old server and install Proxmox to improve, I got an HP ProLiant DL160 g6 to which I added an additional NIC, leaving me with a total of 4 ports. After configuring Proxmox I decided to install a Sophos...

Hello everyone, I reinstalled my proxmox server, which is hosted on herunter, yesterday. I noticed that when I create my VMs, I can't get an internet connection, and therefore can't use them properly. As I said, the problem only started occurring after I reinstalled everything. The entire...

Environment Proxmox VE version: 9.x (nftables backend enabled) Firewall backend: nftables Affected components: proxmox-firewall, nftables chain evaluation order Description When using the Proxmox VE firewall with nftables, multiple base chains per hook (input, forward, output) are created at...

Hello everyone, I have just setup a fresh Proxmox 9 install, added a Container and started firewalling the system. I enabled the firewall for the datacenter, the host and the container. Everything works fine except for the container firewall. I can see from the "nft list ruleset" output that the...

Hallo. Nach langer Zeit, ich mal wieder mit einem Problem. Seit drei Tagen versuche ich mein Problem in den Griff zu bekommen. Ich stelle grade mein Heimnetz um, mit einer Hardware Firewall vor meinem Proxmox-Server. Dazwischen kommt später noch ein Switch. Da ich den Server neu einrichte...

I’m trying to integrate OpenID Connect (OIDC) on my Proxmox server using Microsoft Entra ID (Azure AD). However, by default, internet access is blocked on the Proxmox host via the firewall. To allow OIDC to work properly, which specific URLs or domains should I whitelist to enable authentication...

Hello guys, My proxmox firewall is not working what I have now: Datacenter: yes and input/output/forward policy = drop Node: firewall=yes NIC: firewall=1 VM: firewall =yes and input and output policy = drop With these settings you think you would not have a internet connection but I have...

I use a cloud on internet running proxmox and want to filter some connections for connecting and others for not connecting vms. Typical plan for firewall. Now I got some rules running including nat from inside to outside, pre-nat for vpn outside to inside and some others for dhcp function. But...

I’m working on a home lab setup where I have my Proxmox server on a separate VLAN from my main home network. The Proxmox box used to live on a different network and worked perfectly fine there, but I’ve since moved it into a segmented VLAN behind a Cisco router. Now, I’m trying to access the...

This is a weird one, as I'm honestly not sure if it's a firewall thing, some kind of out-of-the box security thing or an Ansible thing but here goes: I've got a fresh LXC container that I'm planning to use Ansible to configure. I have setup some firewall rules so that SSH into it just fine...

Hallo zusammen. Wir bekommen demnächst einen neuen Internet Anbieter (Glasfaser 1 Gbit) und in dem Zuge möchte ich statt auf einen Hardware router auf opnsense setzen. Spricht aus Eurer Perspektive irgendwas dagegen diesen auf proxmox VM laufen zu lassen oder würdet ihr aus Gründen...

Hi everyone, I'm encountering an issue where my host-level iptables NAT rule (for VMs on a private bridge to access the internet) stops working when I enable the Proxmox VE firewall on the VM's network interface. Setup: Proxmox VE Host - Dedicated server VMs are on a private bridge vmbr1...