firewall

  1. C

    cluster.fw not inside /etc/pve/firewall ?

    Hello, I was following a video named "Proxmox VE Full Course: Class 11 - Integrated Firewall" in which the teacher was showing the location of the cluster.fw file to show its the spot where you would disable the firewall should you get stuck after enabling the firewall and locking yourself...
  2. S

    Firewall still allowing Ping after disabling ICMP rule

    So i'm currently learning proxmox on a mini pc at home, with the intention of deploying on a root server in the future. i was trying out the proxmox firewall function on datacenter and pve1 layer. i have a rule on the datacenter allowing tcp traffic on port 8006 for the web interface, same...
  3. R

    Firewall not working as Expected

    I have enabled Firewall on Datacenter, Node and VM level but it doesnt work fully. I disabled outgoing port 25 on my IP as shown in screenshot below but on port checker online it shows port 25 as open. I cant telnet into it still it shows open. I have enabled incoming macro mail in order for my...
  4. R

    Spam Received even after outgoing port 25 blocked

    Hello my clients are hosting mail servers and I want to block all outgoing emails for all my VM so i made firewall settings, at datacenter level, node level and security group and enabled it for all VMs For Datacenter its as follows For Node Level it is as follows For VM Level it is as...
  5. S

    Proxmox - Externer Zugriff aus dem Internet auf VMs, Firewall und Sicherheit - Fragen

    Hallo Zusammen, ich stehe im Moment total auf dem Schlauch. In großen Netzwerken gibt es in der Regel eine DMZ und in dieser immer eigene Hyper-Visor für spezielle VMs, welche von Extern (aus dem Internet) erreichbar sein sollen. Hier gibt es dann auch meisten größere Firewalls, welche den...
  6. P

    Unable to block 22 and 8006 traffic

    I'm following Jay's proxmox tutorial (https://www.youtube.com/watch?v=DNsLLrCgK0U&list=PLT98CRl2KxKHnlbYhtABg6cF50bYa8Ulo&index=12) and using exactly the same steps I receive different results: after turning on firewall both on datacenter and host level, I am not blocked. Both 8006 and 22 works...
  7. N

    Force all traffic in a bridge through router VM

    I have already searched for similar questions but wasn't able to find a satisfying answer (or maybe I just overlooked it). I have a VM with OPNsense that acts as a central firewall and router, which is connected to vmbr0 (WAN) and vmbr1 (LAN). There are multiple other VMs connected to vmbr1. I...
  8. U

    Unable to access My Proxmox GUI after changing Input Policy from Accept to Drop

    Hello, Please help me solve this issue. I had access to my Proxmox GUI interface. I was setting up firewall to allow a particular IP to access GUI. The only chande i made was to enable firewall and change Input Policy from Accept to Drop. Now i can access the GUI once more. I've try to follow...
  9. R

    Iptables inside LXC container not blocking anything

    I've been hitting my head to the brick wall that is iptables inside a Debian 11.3 container in Proxmox. I cannot seem to get it to block anything and there seems to be some contradicting discussions about if iptables should even work inside LXC. I do use Proxmox firewall as well, and it is...
  10. J

    Overlapping WAN's in firewall

    Hello This is currently my network configuration. I am using my public ip .116 for my PVE e, another public ip .118 as a NAT network for my VMs. The public ip .118 is connected to the firewall as WAN and the firewall then controls all the traffic. Now on the firewall I would like to also add...
  11. M

    Loading custom iptables rule on startup with post-up fails

    Hello everyone I have a custom firewall rule for a few VMs that I can't enter in the GUI. The most elegant way would be to load it directly at startup by "post-up" in the /etc/network/interfaces file. The rule looks like this: ip6tables --insert tap181i0-IN -m mac ! --mac-source...
  12. B

    Proxmox FW needed or not with an OPNsense VM?

    Hello everyone, I'm trying to make my own router/firewall with OPNsense as a VM in Proxmox. What's not clear to me is if I can let OPNsense connect to the internet directly, or if that put Proxmox at risk and thus I should add the Proxmox Firewall to be safe? In both cases Proxmox will be...
  13. G

    [SOLVED] Site-to-site-VPN (IPSec): Routingprobleme

    Hallo, ich habe es als Anfänger nach vielen Tagen endlich geschafft, auf einem Debian-11-basierten Container mit StrongSwan ein Site-to-site-VPN per IPSec zustande zu bringen. Auf Seite A habe ich routerseits (Ubiquiti DreamMachine Pro) ein Port-forward für 500 und 4500 auf die lokale IP des...
  14. C

    Fr: Refusé l'accès au réseau local pour ne pas pouvoir ping les machines

    Bonsoir, je voudrais empêché mon contenaire(VM) de pouvoir avoir accès a mon réseau local. J'ai essayer de faire des règles de pare-feu mais je galéré un peut. Si une personne pourrait m'aidé. Voici la configuration principale de mon proxmox et mon réseau: Ip proxmox : 192.168.1.62/24 Ip...
  15. B

    CSF vs VMs firewall

    Hi, Do i really need VM firewall enabled while i have CSF installed on cPanel/WHM? Or the VM firewall is more used for specific ports to be blocked and accessed only from specific devices/IP whereas CSF is more used on the cpanel/WHM level for protection? I guess my question is if i waste a...
  16. K

    How to setup interface specfic firewall setting?

    Hi, I want to setup different firewall setting on different interface on the same VM. How do I set it in this scenario? eth1: Enable IPFilter (Do not allow IP spoofing) Enable Mac Filter (Do not allow MAC spoofing) eth2: Disable IPFilter (Allow IP spoofing) Enable Mac Filter (Do not allow...
  17. Z

    Homelab: can't ping VMs behind Router VM

    This is 4th try after getting no responses from Stack Exchange sites [1, 2, 3] and I've been fighting with this issue for ~2 weeks. I really hope someone can help me with this issue. --- I have a setup like this (this diagram is also available here): I'm running a single PVE host in my...
  18. U

    [TUTORIAL] Configuration of PVE Firewall for PMG Guest

    This is a rough draft of an idea from this thread over in the PMG forum: https://forum.proxmox.com/threads/how-to-close-open-port-111.43310/ Two notes: it would be nice if a future version of PVE included macros for PVE web interface and PMG Submission. There is "Submission" but that's not port...
  19. M

    Firewall setting for NFS Shares

    Hello, i need help for the Firewall settings for NFS Shares in VM's. My Proxmox Server has 3 different LAN Interfaces for WAN LAN and DMZ. I have different VM and container in this networks. My Problem: In the DMZ i have a Debian11 VM and try to connect an NFS Share from my NAS in the LAN...
  20. U

    Howto set Firewall rules with 1NIC / 2 IP's

    Hi Forum. I have some questions, since I've reinstalled a Couple off times for making this setup rigth. I have 1 Dedicated Server hosted Only physical 1NIC 2Public IP's - on vmbr0 The 2. public IP on vmbr0 but bounded by MAC address, so I have a VM running PFsense for this secondary IP...