firewall

  1. Config proxmox with firwall (1 NIC)

    Hello, i have a server with one nic connected to a switch with a /24 source /etc/network/interfaces.d/* auto lo iface lo inet loopback auto eno1 iface eno1 inet manual auto vmbr0 iface vmbr0 inet static address 192.1.24.66 netmask 255.255.255.192 gateway 192.1.24.65...
  2. Where Are The Default Firewall Rules At?

    Hello Everyone, According to the Wiki: "If you enable the firewall, traffic to all hosts is blocked by default. Only exceptions is WebGUI(8006) and ssh(22) from your local network." My question is, where are the configuration files for these two rules (WebGUI and SSH)? I checked in...
  3. [SOLVED] Proxmox secure firewall?

    Loving Proxmox at the moment. I wondered how good the Proxmox built in firewall was in a securing VMs/LXcs sense compared to virtualizing something like pfSense as either a VM or LXC. I'd appreciate users mileage on this one. I know that pfSense is a dedicated firewall application and so has...
  4. Cisco ASA FW Vs Proxmox FW

    We are a data center with 6 nodes of Proxmox VE and growing. We have customers that come to our website and order their VPS through our WHMCS which is using Proxmox VPS/Cloud module. We already have Cisco ASA Firewall which is handling our NATing and Vlans and everything is going smooth, but we...
  5. [SOLVED] Firewall-Fragen

    Hallo, ich habe Schwierigkeiten, die Firewall zu nutzen. Die Regeln greifen nicht. Kurz zum Setup: Eine Maschine mit ProxMox Virtual Environment 5.1-41 ist installiert. Darauf verschiedene VMs. Eine VM ist eine Windows 10-Maschine. Dort möchte ich den Netzwerkverkehr begrenzen. Zum Testen...
  6. Is It Best Practice To Use Proxmox Firewall or Firewall In VM?

    Hello everyone, Just curious what others are doing, but is it best to use Proxmox's firewall that is available in the webgui for each VM or use the VM's firewall available within the OS (e.g. ufw, firewalld, etc...)? I'm on Proxmox 5.2-2 and most of my VM's are a Linux distro (Ubuntu, CentOS...
  7. PVE suddently blocked WEB UI and SSH

    Hello, I would like to report a problem I just had this morning. Without any human intervention, it seems like the integrated firewall of PVE has started blocking any request even from hosts in the same subnet. Meanwile, every VM was working properly at this time. I was able to gain back access...
  8. proxmox and its vm unexpectedly closes ssh and web connections

    Hi, I have 3 Servers with proxmox installed, in one of them I have PFsense, and in that same server I have more VM, I use the following address: Network for users (10.9.109.X) Network for servers (10.9.110.X) WAN To extend the networks of users and servers I use a switch. I direct the...
  9. Bridge + NAT + FW = no internet in LXC

    Proxmox interfaces: hXXps://pastebin.com/0UWvW8QQ LXC container: lxc ip: 10.10.10.2/24 lxc gw: 10.10.10.1 Forwarded ports: iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 8888 -j DNAT --to 10.10.10.2:80 Firewall: Datacenter: FW: on Input: 22->8006->DROP Output: ACCEPT Proxmox: FW: on...
  10. Firewall in LXC containers

    Hello, I use ProxMox 5.2, and I can't activate firewall in containers. I activate firewall check in Network tab in the container. Later in Firewall > Options > I put Input and Output policy in DROP. But doesn't work. I do same in KVM machines, and it works fine. I forgot something?
  11. NAT + Firewall

    Deleted
  12. Suricata with NFQ (using Suricata IDS/IPS after host pve firewall)

    Hi, I'm trying to get suricata working with pve firewall at host level, but it won't work like i want. At the moment both is working but for my opinion in the wrong order. Cause it looks like suricata is acting before the pve firewall which is not right for me causeit only should detect and...
  13. No firewall logs at host level with log level debug

    Hi, I have a strange problem and can't find the solution at the moment, so maybe you can give me a hint where i have a problem :) First i want say the firewall is working like expected, only VPN Port is open, all others(like SSH or Proxmox GUI) are only reachable from internal network which is...
  14. Possible Bug in Firewall (ipv6)?

    This problem exists in V4.4 and V5.1.x ! Host-Firewall is running Network-Card is on Firewall ON General Option for Container - Firewall ON General Option for Container - Firewall Block Traffic incomming ALL Without firewall rule, they come no traffic Then I add a firewall security group -...
  15. Firewall Alias with Domainname

    Hi there, I've enabled an IPSet "Management" in my Firewall and added some IPs (home office and company). But my homeoffice sometimes changes the IP. Therefore I've configured all other systems, firewalls etc I need access to, to simply use a Domainname instead of the IP. Simply said, I'm...
  16. NAT and PVE firewall rules for outgoing connections on cluster and node level

    Hello! I'm using NAT network configuration for my VMs (Proxmox 5.1), and post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1 allows me to use both NAT and PVE firewall for controlling incoming connections on all 3 levels (cluster, node, VM). However, when I add PVE firewall rule...
  17. `pve-firewall status` stuck on "Status: enabled/running (pending changes)"

    Dear all, I have a cluster of 6 nodes, two of which having an issue with `pve-firewall status` stuck on "Status: enabled/running (pending changes)". Firewall is enabled on the Datacenter, on the node and on the VMs. I attached the output of `pve-firewall compile`: do you have any idea of...
  18. Firewall add multiple protocols

    Hi is it possible to add multiple protocols to an firewall rule for example TCP and UDP? I can´t find any syntax for that. I already tried TCP;UDP TCP/UDP TCP:UDP
  19. ipset filtering issues

    Hello, I did a small research relatively ipset filtering for LXC containers and it turns out that using a standard ipfilter-net* set matching IP/interfaces doesn't filter external IPv4 traffic very well, when it is going out from an IP not defined in set. For example we can create interface...
  20. firewall log prefix not works

    Hi. I use Proxmox 4.3-1 version. early I created iptables firewall and used it on lots of servers. There are some rules and the bottom lines are like that : -A INPUT -j LOG_DROP -A LOG_DROP -j LOG --log-prefix --DROP--: -A LOG_DROP -j DROP It's very easy. I use it on LVM that is on proxmox...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!