firewall

If I look at Firewall -> Options on the Datacenter, Firewall is "No". This is consistent with the docs at https://pve.proxmox.com/pve-docs/chapter-pve-firewall.html#pve_firewall_cluster_wide_setup If I look at each node individually, Firewall is "Yes". I see no /etc/pve/firewall/cluster.fw and...

Hi, Guys, I just enable the PVE Cluster Firewall , and found there is one default rules on Chain PVEFW-smurfs and PVEFW-smurflog blocked some of broadcast network packages, it me caused my load balancer IP setup in VM encounter issue, could any one tell how can I disable this rules or modify it...

What im trying to achieve is to have a VM that has no way of communicating with the rest of the devices on the LAN. The configuration below seems to work but i wanted some of your thoughts on it. My aim to have the VM accessible by another person using a remote tool (e.g., AnyDesk) but prevent...

pve host：has network traffic. vmid=102, guest os: config bridge to vmbr4, but cant get network traffic. why?

Moin, mir zerbricht ein Problem den Kopf. Ich bin zwar vom Fach (IT-Systemelektroniker) aber ich finde den Fehler nicht bei meinem Homeserver. Habe die Proxmox Firewall so konfiguriert das nur http und https erlaubt sind. Funktioniert soweit. In der Fritzbox sind auch die Weiterleitungen...

Hi, I noticed my windows firewall service in the VM is not running and it is even greyed out, so I cannot start it. Is this a Proxmox thingy??

I'm trying to set up Proxmox VE firewall rules; except those rules don't seem to do anything on CT level. I had enabled firewalling at: Datacenter level PVE level CT's vNIC (net0) level CT level ^ The minute I enable firewalling completely, I can see that all the incoming connections are...

Hey everyone! I have read the PVE Firewall documentation plus a bunch of posts on these forums and, if I have understood correctly, there is no way to configure a single rule allowing ping among all LXC in the nodes of a Proxmox 7 cluster as rules at the datacentre level don't apply to...

Hi, i am restructuring our proxmox cluster network and i have some doubts and requests for suggestions that i expose below My scenario is as follows (1) two public IP ports (untagged vlan) on different servers (2) seven ports (tagged vlan) (3) I don't have direct access to the switch of (1)...

Hello everyone, Guys, I'm still trying to figure out what is the best way to configure proxmox firewall, I have been using iptables for long time, but I feel crazy when looking and trying to understand all relations in proxmox node firewall. Do you have any diagram to get more clear view how...

Hi, I have installed proxmox on an OVH cloud, following a restart of the cluster I can no longer reach the VMs of one of my subnets. In practice I have a vm that has the wan in the subnet 192.168.3.x / 24 and from the cluster it is not reachable. below I am attaching the configurations set on...

I'm experimenting with the Security Group feature for the first time. I've read the documentation but can't quite put my finger on it... I have a KVM running LMDE and want it to be able to access the internet, but not any devices on the LAN. The use case is to give users linux virtual machines...

Hello all, I virtualize my firewall via OPNsense, and previously had it set up using Hyper-V core. I recently began the move to Proxmox, but have been struggling with a couple issues. Note, I am not necessarily the most experienced in networking, as most of my knowledge is self-taught. For...

First I would like to apologize for my English. I have server with installed ProxMox 7.1-10 and maked CT from template debian-10-turnkey-openvpn_16.1-1_amd64.tar.gz. The server has 4 IP's, configured PREROUTING and POSTROUTING nat rules for translate network from vmbr0 to vmbr1 and reverse. #...

Hi, I am trying to block a port for a VM on proxmox for incoming traffic, but it looks not working, please refer to the rule I created in the attachment. Anyone can advise on this? Also, actually, I am looking to block all the ports for incoming traffic except a few(for VM), is it possible? if...

Hi, I have an old TS140 with 2 NICS both speed is 1Gbps, the server got 14GB DDR3 RAM, and i3 4170 CPU, internet speed is 500/20. I installed proxmox on it, 1 Windows server virtualization, and 1 for nat/firewall/dhcp/dns called zeroshell. Upload speed just works fine, but download speed is...

Hello and thanks in advance for your help/ I have installed CSF Configserver firewall script to my server Debian 11 PVE 7.1.10 Proxmox proxmox-ve: 7.1-1 (running kernel: 5.13.19-4-pve) pve-manager: 7.1-10 (running version: 7.1-10/6ddebafe) pve-kernel-helper: 7.1-12 pve-kernel-5.13: 7.1-7...

PVE 7.1-10 Kernel: Linux 5.15.19-1-pve #1 SMP PVE 5.15.19-1 I have created two vms (id 9000, ip 192.168.200.120 and 9001 IP 192.168.200.121) with ubuntu linux 20.04 on a proxmox 7.1-10 cluster. Both vms have proxmox firewall settings enabled (see configuration below), also the cluster has...

Hello everyone, according to WIKI the suricata integration take place under /etc/pve/firewall/<VMID>.fw, and the rule will be automatically added to the iptables . It is exactly my case however i am not receiving alerts at Suricata. this is how the rule looks like: 2 NFQUEUE all --...

Hallo, wir haben hier ein 7.1-10 Cluster aus 8 Hosts (alle Debian) mit vielen VMs. Seit dem Upgrade von der 6er Version gibt es folgendes seltsame verhalten. Wenn auf einem PVE Host das Netzwerk mit "systemctl restart networking" restartet wird, haben alle VM's des Hostes keinen Zugriff auf...