firewall

  1. firewall pending changes

    Hello I'm trying to configure a firewall on a proxmox datacenter. For that I first created a security group and applied it solely to one node of the cluster. This was for testing before I apply it to all other nodes. When I found that it didn't work, I ssh'd into it and allowed the traffic...
  2. Allow ping among LXC in the same private network

    Hey everyone! I have read the PVE Firewall documentation plus a bunch of posts on these forums and, if I have understood correctly, there is no way to configure a single rule allowing ping among all LXC in the nodes of a Proxmox 7 cluster as rules at the datacentre level don't apply to...
  3. structuring network - proxmox and pfsense

    Hi, i am restructuring our proxmox cluster network and i have some doubts and requests for suggestions that i expose below My scenario is as follows (1) two public IP ports (untagged vlan) on different servers (2) seven ports (tagged vlan) (3) I don't have direct access to the switch of (1)...
  4. proxmox firewall flow diagram

    Hello everyone, Guys, I'm still trying to figure out what is the best way to configure proxmox firewall, I have been using iptables for long time, but I feel crazy when looking and trying to understand all relations in proxmox node firewall. Do you have any diagram to get more clear view how...
  5. I cannot reach the VMs in the cluster subnet

    Hi, I have installed proxmox on an OVH cloud, following a restart of the cluster I can no longer reach the VMs of one of my subnets. In practice I have a vm that has the wan in the subnet 192.168.3.x / 24 and from the cluster it is not reachable. below I am attaching the configurations set on...
  6. Restrict access to LAN

    I'm experimenting with the Security Group feature for the first time. I've read the documentation but can't quite put my finger on it... I have a KVM running LMDE and want it to be able to access the internet, but not any devices on the LAN. The use case is to give users linux virtual machines...
  7. VMs cannot resolve domains while connected to virtualized OPNsense

    Hello all, I virtualize my firewall via OPNsense, and previously had it set up using Hyper-V core. I recently began the move to Proxmox, but have been struggling with a couple issues. Note, I am not necessarily the most experienced in networking, as most of my knowledge is self-taught. For...
  8. [SOLVED] ProxMox OpenVPN cannot connect

    First I would like to apologize for my English. I have server with installed ProxMox 7.1-10 and maked CT from template debian-10-turnkey-openvpn_16.1-1_amd64.tar.gz. The server has 4 IP's, configured PREROUTING and POSTROUTING nat rules for translate network from vmbr0 to vmbr1 and reverse. #...
  9. powersupport

    How block in ports in proxmox firewall

    Hi, I am trying to block a port for a VM on proxmox for incoming traffic, but it looks not working, please refer to the rule I created in the attachment. Anyone can advise on this? Also, actually, I am looking to block all the ports for incoming traffic except a few(for VM), is it possible? if...
  10. Slow Download Speed

    Hi, I have an old TS140 with 2 NICS both speed is 1Gbps, the server got 14GB DDR3 RAM, and i3 4170 CPU, internet speed is 500/20. I installed proxmox on it, 1 Windows server virtualization, and 1 for nat/firewall/dhcp/dns called zeroshell. Upload speed just works fine, but download speed is...
  11. [SOLVED] i have install Configserver Firewall on PVE 7.1.10 need help with ports TCP UDP ?

    Hello and thanks in advance for your help/ I have installed CSF Configserver firewall script to my server Debian 11 PVE 7.1.10 Proxmox proxmox-ve: 7.1-1 (running kernel: 5.13.19-4-pve) pve-manager: 7.1-10 (running version: 7.1-10/6ddebafe) pve-kernel-helper: 7.1-12 pve-kernel-5.13: 7.1-7...
  12. ARP resolution not working while using Firewall and OVS

    PVE 7.1-10 Kernel: Linux 5.15.19-1-pve #1 SMP PVE 5.15.19-1 I have created two vms (id 9000, ip 192.168.200.120 and 9001 IP 192.168.200.121) with ubuntu linux 20.04 on a proxmox 7.1-10 cluster. Both vms have proxmox firewall settings enabled (see configuration below), also the cluster has...
  13. bfwdd

    Suricata Integration / Firewall Iptables

    Hello everyone, according to WIKI the suricata integration take place under /etc/pve/firewall/<VMID>.fw, and the rule will be automatically added to the iptables . It is exactly my case however i am not receiving alerts at Suricata. this is how the rule looks like: 2 NFQUEUE all --...
  14. VM Firewall an/aus (ständig Änderungen notwendig)

    Hallo, wir haben hier ein 7.1-10 Cluster aus 8 Hosts (alle Debian) mit vielen VMs. Seit dem Upgrade von der 6er Version gibt es folgendes seltsame verhalten. Wenn auf einem PVE Host das Netzwerk mit "systemctl restart networking" restartet wird, haben alle VM's des Hostes keinen Zugriff auf...
  15. bfwdd

    Forward traffic to Suricata, NFQUEUE, PVEFW-IPS

    I am actually trying to link Pve-IPS output to suricata. I am running suricata using the NFQ mode and im sending traffic to suricata with the gateway-scenario using the following cmd: # iptables -I FORWARD -j PVEFW-IPS The problem is every time i restart the host the added rule is gone (-A...
  16. [SOLVED] have a firewall in proxmox

    I have now a proxmox on a Dell T1700 and it works very well. I have some VM connect but now I'm a little curious to maybe add a networks card with four ethernet and also use it as a firewall/router. What are the pros and cons of having a virtual router / firewall in Proxmox to handle internet...
  17. [SOLVED] How can I access Proxmox WebUI from a device on a different network?

    Hello everyone, I have a fresh install of Proxmox 7.1-7 with the WebUI being on a 192.168.1.0/24 network and I'm trying to access it from a 192.168.35.0/24 network. I have two older Proxmox machines on the same 192.168.1.0/24 network and I'm able to access their WebUI's from my 192.168.35.0/24...
  18. Webinterface Zugriff absichern

    Guten Abend zusammen, ich bin aktuell dabei mein neuen Proxmox Host einzurichten. Der Host steht bei einem Anbieter im Rechenzentrum. Ich habe leider aktuell keine Möglichkeit den Host hinter eine Firewall etc. zu hängen, und versuche den Zugriff auf den Host so gut wie möglich abzusichern...
  19. PVE-Firewall blocking OVS-bridge

    Hi, So I am trying to set up a simple OVS bringe with a single NIC. Config: auto lo iface lo inet loopback allow-vmbr0 ens3 iface ens3 inet manual ovs_type OVSPort ovs_bridge vmbr0 ovs_mtu 1450 allow-ovs vmbr0 iface vmbr0 inet static address 158.37.63.230/24...
  20. [SOLVED] Cluster-Wide Firewall Rules Not Working on One Node

    I have an odd issue with my cluster-wide firewall that I can't seem to figure out. I want to limit Proxmox GUI access to one network (192.168.10.0/24) on all nodes. I've been able to accomplish this on 5 of my 6 nodes, but don't understand why I can't make it work on the final node. I have 6...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!