firewall

Hallo. Nach langer Zeit, ich mal wieder mit einem Problem. Seit drei Tagen versuche ich mein Problem in den Griff zu bekommen. Ich stelle grade mein Heimnetz um, mit einer Hardware Firewall vor meinem Proxmox-Server. Dazwischen kommt später noch ein Switch. Da ich den Server neu einrichte...

I’m trying to integrate OpenID Connect (OIDC) on my Proxmox server using Microsoft Entra ID (Azure AD). However, by default, internet access is blocked on the Proxmox host via the firewall. To allow OIDC to work properly, which specific URLs or domains should I whitelist to enable authentication...

Hello guys, My proxmox firewall is not working what I have now: Datacenter: yes and input/output/forward policy = drop Node: firewall=yes NIC: firewall=1 VM: firewall =yes and input and output policy = drop With these settings you think you would not have a internet connection but I have...

I use a cloud on internet running proxmox and want to filter some connections for connecting and others for not connecting vms. Typical plan for firewall. Now I got some rules running including nat from inside to outside, pre-nat for vpn outside to inside and some others for dhcp function. But...

I’m working on a home lab setup where I have my Proxmox server on a separate VLAN from my main home network. The Proxmox box used to live on a different network and worked perfectly fine there, but I’ve since moved it into a segmented VLAN behind a Cisco router. Now, I’m trying to access the...

This is a weird one, as I'm honestly not sure if it's a firewall thing, some kind of out-of-the box security thing or an Ansible thing but here goes: I've got a fresh LXC container that I'm planning to use Ansible to configure. I have setup some firewall rules so that SSH into it just fine...

Hallo zusammen. Wir bekommen demnächst einen neuen Internet Anbieter (Glasfaser 1 Gbit) und in dem Zuge möchte ich statt auf einen Hardware router auf opnsense setzen. Spricht aus Eurer Perspektive irgendwas dagegen diesen auf proxmox VM laufen zu lassen oder würdet ihr aus Gründen...

Hi everyone, I'm encountering an issue where my host-level iptables NAT rule (for VMs on a private bridge to access the internet) stops working when I enable the Proxmox VE firewall on the VM's network interface. Setup: Proxmox VE Host - Dedicated server VMs are on a private bridge vmbr1...

Hi All, Fairly new to home lab/pfsense, and below is my current setup I have pfsense running on proxmox. Proxmox is installed on a Dell Wyse 5070. It has one inbuilt NIC, that I use for WAN and another 2.5 Gig NIC that I use for my LAN. Proxmox has a bridge (vmbr0) that connects to my 2.5 Gig...

1.I find that I can capture the IPV6 Neighbor solicitation packet on my virtual machine but on the pve vmbr1 I can not caputre the packet.. My topology is vmbr1 is the linux bridge of enp2s0, and my virtual machine's eth1 is bridge the vmbr1.. please see the attachment of the capture...

Hi all, I've set up a VM for Minecraft and it appears to be running correctly (from the cli - I don't play). The correct port, however, isn't open. I have a Verizon FIOS router and behind that I have an OpenWRT router and then the ProxMox machine. The FIOS router holds my public IP. The VM...

Hello, I am using Proxmox 8.3.3. and after a reboot I cannot access GUI, cannot ping proxmox or any VM (VMs are not online as well). I can reach proxmox server over SSH anr Winscp. There are no errors (I went through previous threads on this subject and all rights to folder and certificates...

I have an internal vnet with systems that needed access to the Internet. With the newer proxmox-firewall I was able to create a new table with the necessary rules and save the changes to /etc/nftables.conf but the rules are not loaded at boot. The documentation says this on custom rules: "If you...

Hello everyone, Let me explain the situation to see if you can help me: I have configured the firewall in Proxmox to access a container running Proxmox Backup Server. The rules I’ve applied to the PBS container are the following: Block any request and protocol from any IP. Allow TCP...

I'm trying to get coolercontrold up on my PVE instance. When installed on host and initialized, logs output: IPv4 bind error: Could not bind to standard IPv4 loopback address on port 11987 Is there any sort of firewalling measure on PVE that could potentially cause this?

I'm having issue with pve-firewall having "pending changes" as soon as I enable nftables at the host level pve-firewall status Status: enabled/running (pending changes) Restarting pve-firewall does not help Deleting all VNet firewall rules does not help Linux x3 6.8.12-4-pve #1 SMP...

Hello all, I have discovered a big bug: When we edit an alias name or IPSet name, rules with alias or IPSet (alias into IPSet too) are not updated with new name. I have tested with: Datacenter firewall: -> /etc/pve/firewall/cluster.fw Node firewall: -> /etc/pve/nodes/XXXX/host.fw VM...

Hello all, I have discovered a big bug: When we edit an alias name or IPSet name, rules with alias or IPSet (alias into IPSet too) are not updated with new name. I have tested with: Datacenter firewall: -> /etc/pve/firewall/cluster.fw Node firewall: -> /etc/pve/nodes/XXXX/host.fw VM...

I've been testing out the newer nftables-based firewall, and outside of the (very annoying) syntax changes for iplists/aliases, it seems to be working well. However, I noticed an issue when configuring a VM that has three network interfaces. Only two of the three interfaces have the firewall...

Help! I have TS3 running on a lxc. I can connect to the TS3 server locally and externally as long as the container's firewall is deactivated. There are two security groups added: 1. webserver - accepts incoming HTTP and HTTPS (80 and 443) and also SSH (22); no source port, no destination or...