firewall

Hi everyone, I'm planning to set up MAC filtering for IPv4 traffic in my Proxmox live cluster and aim to use ebtables and ipset where necessary, but I would like to primarily rely on Proxmox's built-in GUI features for easier management. As I'm still learning Proxmox's firewall system and...

Hey all I'm fresh in Proxmox. Is proxmox support "Service Chaining" or something equivalent? I have my own firewall (VM that enforce some security policy rules). Can I chain it in the traffic flow, such that packet that? A very simple example of a service chain would be one that forces all...

Hello, I have 2 VMs running on a single Proxmox server. on all VMs I have: $ nmap -Pn -p 22 10.10.21.117 Starting Nmap 7.95 ( https://nmap.org ) at 2024-11-16 22:01 PST Nmap scan report for 10.10.21.117 Host is up (0.000086s latency). PORT STATE SERVICE 22/tcp filtered ssh Nmap done: 1...

Hi there! VMs can't ping route after pve restart networking.service and won't able to reconnect automaticlly. I have to toggle firewall flag of network device net0( enable firewall if it is disable, vice versa) to resume VM's network. Impacted VMs' system are debian12 and win10. Neither...

Hi, ich habe einen Proxmox Server mit öffentlicher IPv4 (standalone, kein Cluster) und habe in der Proxmox Firewall in der Datacenter Ebene den Port 8006 freigegeben. Ebenso auf der Node Ebene den Port 8006. Hat das Auswirkungen auf die VMs, sodass alle Ports (außer 8006) in den VMs geblockt...

Hi all, I am running into this issue: I set up the Proxmox Firewall for each level (Datacenter, my node and each container), but everytime I try to enable the Firewall on each level I lose connection to every container, but not the node interface. I am allowing the port I need on every host...

I have docker installed in a debian LXC container on my Proxmox host. I want to utilise Proxmox's firewall on that container to improve the security of my setup. Proxmox - 10.5.0.64 Unprivileged LXC - 10.5.0.66 Docker Container - 10.5.0.57 (macvlan bound to eth0) I have a container...

I just attended a VMUG where they brought in a heavy hitter that quite effectively made the case for their new product VMware vDefend Distributed Firewall (formerly known as VMware NSX Distributed Firewall). The primary focus of my job is getting us off of VMware, so I don't care about his...

Hi, I have an issue with network configuration on my Proxmox server. I really want to have remote access to the configuration panel, the NAS server, Homebridge and VM hosted on the server. The problem is my Internet provider, who won't provide me with a public IP address. I don't have a static...

I have activated the firewall in the Datacenter and it works as expected. The nodes use the firewall. However, the containers and VMs ignore the firewall. I have activated the firewall in the conatiner and under Network for the interfaces. When I add rules to the container itself the rules are...

Hello everyone, I’m having an issue with the Proxmox firewall that I don’t fully understand, and I’m hoping someone can help clarify it for me. I’ve configured firewalls on each of my VMs, and most of the time, everything works as expected. However, occasionally, I notice strange logs, or even...

Hello, so I have hit a bit of a problem with recently learned software defined networking I created DHCP zone and network by following tutorial from wiki (Setup Simple Zone With SNAT and DHCP) After that I changed network config of existing LXC containers to use newly created VNet with DHCP IP...

Hey everyone, Been running Proxmox 8.x for a little over a month, loving the software. Hoping someone can help me out with firewall configuration…. I have decided the management interface and the VM network interface. Management interface is Bond0 (configured as LACP failover). I want to...

Hi, I have some VMs on my node and i'm using cloud-init to assign IPv4 to every VM. However it's possible to change IP from VM to IP of another VM. I want to block user being able to change IPv4 assigned by cloud-init, how the easiest I can do that? I was trying with ip filter but it didn't work.

Hi, on a PVE 7.4 cluster, with vmbr0 (vlan aware, stp off), connected to bond0 (2 physical interfaces), with firewall enabled at the cluster level, I have an issue when first opening connections. a VM protected (100) has a firewall policy in REJECT (so that connection errors are explicit) a VM...

Hello, I've been trying to isolate a Windows 11 VM from the internet and my LAN with the Proxmox firewall on the VM level. However I've been stuck trying to figure out why it is allowing inbound traffic from the whitelisted IPs but not outbound traffic to the whitelisted IPs. I can ping the VM...

Hi everyone, We are using Proxmox 7.2 as our hypervisor and using the Proxmox VPS Module on WHMCS 8.3 for the billing and provisioning automation. Recently, we added new VM template which is using Ubuntu 24.04 OS. Normally there is no problem when the VM is created via WHMCS, but we have...

Hello everyone, I'm trying to configure Proxmo with Port Knock so that I can access Proxmox together with Port Knock so that I can protect some Proxmox that I have on dedicated players, without running the risk of being left stranded, if necessary (currently I only release my fixed IPs, but...

I try to replace my routers DHCP Server with the ISC Kea Server in a LXC. As I'm new to this, I want to try it on a few client LXCs first. For this I want to block all DHCP requests that would go to the router and all DHCP requests that could reach the new DHCP Server from the outside of the...

Hello! I have 2 proxmox LXC containers connected to a standard Linux bridge. The containers are running Ubuntu 24.04, the first container works great and has the same configuration as the second one except it is assigned a different static ip obviously. For whatever reason, on the second LXC...