firewall

Hello, I have a dedicated server with ProxMoX with one Windows Server VM inside it with a public IP. Inside VM the port 1433 is open but it's filtered from node. Firewall in ProxMoX (Datacenter, node, VM0 is disabled. nmap 1.1.1.1 -p1433 Starting Nmap 6.40 ( http://nmap.org ) at 2020-08-12...

Hi, I get a "timeout" when I try to access other guests via Proxmox Shell via cURL. There is no extra obstacle or command in the firewall. However, access is timing out. What could be the reason for this and how can I turn on port access? Proxmox 5.4-3 root@compute-ua:~# curl...

My network has some issues. When the network traffic increases, the network connections tend to be very slow even though it's an 10GB network. I'm not sure whether it's proxmox-related or not. Example: VMx = virtual machine x VHx = proxmox virtual host x VM1 = 192.168.0.51 (E2:A9:CC:75:79:AF)...

Hey guys, I think there is a bug @ PVE's firewall when doing vlans. Here's my setup: Home "server" - PVE 6.2-4 - only has 1 Ethernet interface. 1. Mikrotik router connected to fiber-ONT bridged port - gets an external IP via DHCP and does nat / masq on 192.168.100.0/24 for the internal...

My Firewall has 5 Interfaces: 3 Interfaces for WAN (External IPs) 1 Interface for LAN (10.0.0.10) 1 Interface for DMZ (192.168.0.10) The OpenVPN Server is listening on tcp Port 443 and udp Port 1194 (WAN Interface) My proxmox Server hast two Interfaces: 1 Interface for LAN (10.0.0.3) 1...

hello, I have 4 hosts connected per WG. 2 are PVE with public IP 1 PVE Laptop 1 VM (public Cloud) the PVE hosts are not reachable. turning WG debugging on, exposes: wireguard: vpn-serv0: Failed to give packet to userspace from peer 1 (xxx.xxx.xxx.xxx:51820) … the moment I turn off FW, all...

The documentation at https://pve.proxmox.com/wiki/Firewall seems to indicate that "If you enable the firewall, traffic to all hosts is blocked by default. Only exceptions is WebGUI(8006) and ssh(22) from your local network." ports 8006 and 22 are allowed by default when enabling the firewall. On...

Hi, We use extensively proxmox HTTP API for creating/managing our containers. We do multiple HTTP requests to API 24/7 - approximately 100-200 per minute. Whole day our service is able to connect to HTTP API and perform needed actions. However, everyday around 18:30 GTM+1, HTTP API for...

Hi I am try to achieve the following: Only a certain list of IP must be able to access the VM (80, 8080, but, in general all ports). IP that are not in the list will have their packets DROP/REJECT. The goal is to only allow the access from two physical sites that do have a static IP address...

Hi everyone, I would like to add a firewall rule via pvesh API to the cluster. First, my proxmox version: root@tfg ~ # pveversion -v proxmox-ve: 6.1-2 (running kernel: 4.19.0-8-amd64) pve-manager: 6.1-8 (running version: 6.1-8/806edfe1) pve-kernel-helper: 6.1-8 pve-kernel-5.3: 6.1-6...

Guten Tag, ich habe ein (hoffentlich) kleines Problem. Ich habe für meine freigegebenen Ports nun Einträge in der Firewall auf dem (Rechenzentrum) angelegt und die Firewall dort und in der VM an sich aktiviert. Jetzt möchte ich zum Beispiel den in der interfaces gerouteten Port 1222 (zur...

Hallo, ich bin recht frisch mit proxmox unterwegs und hab nicht so viel Erfahrung. Ich hoffe auch ich bin nicht die 100 Person die das Fragt ... Meine Proxmox Maschine ist bei mir im Netz und ich hab eine Ubuntu VM ( Ubuntu 19.10 mit GUI). Da ich die als eine Art Sharehost für zu Hause...

Hi, We use proxmox firewall to manage access rights to fleet of our CTs (70+ concurently running CTs). I have observed couple of problems: 1) - Created container does have default INPUT and OUTPUT policy to DROP When adding new network card to container with firewall=1 parameter, we can...

Hi all, I'm running a 4 node pve cluster (6-1.3) with ovs installed. All networks configured using ovs and all interfaces are LACP bonded. OVS BOND (LACP) -> OVS BRIDGE -> VMS -> Intports Recently I noticed Windows VMs using intel E1000 drivers disconnecting after some...

Hi, I have 2 node datacenter, nodes have public IPs and are also connected with each other through VRACK. Datacenter: Node 1: PRIVATE IP: 192.168.0.2, PUBLIC IP: 1.2.3.4 Node 2: IP 192.168.0.3, , PUBLIC IP: 2.3.4.5 When I enable firewall cluster wide, following things happen: - I cannot use...

Hey, first of all thank you for a great product, which I've been using happily for about three years now in a home setting. I've really enjoyed using the proxmox firewall which is configurable outside of the guest systems. I'm also using local firewalls on the guest systems ('host based'...

Einen schönen guten Abend Ich würde gerne mehrere Aufgaben mit einem Gerät bewältigen. Hauptsächlich hätte ich gerne eine "normale Desktop Workstation" sowie eine Firewall. Konkret dachte ich an folgende VMs: OPNsense als 24/7 Firewall mit 10 GBit/s auf der WAN-Seite. Die 10 GBits hätte ich...

Hello, maybe this question has been asked before a lot. I've googled all possible solution to get optimal firewall configuration couldn't find a reference that can help, I don't need tutorials I need conf example file or something to build on. A firewall configuration that: - Give internet...

Hello, I have an issue, I want to use embeded firewall with one public IP, and the container can't access to internet. enable: 1 policy_in: ACCEPT [RULES] IN SSH(ACCEPT) -log nolog IN ACCEPT -p tcp -dport 8006 -log nolog root@opale:~# cat /etc/pve/firewall/100.fw [OPTIONS] policy_in...

I have a 3 node cluster setup in production. Recently we discovered a problem where fragmented UDP packets were being dropped somewhere along the way from our vm's. Finally we tracked to culprit down, and it was the fact that proxmox had set net.bridge.bridge-nf-call-ip6tables = 1...