Access VM on private net via public ip?

mad1993max

Member
Jan 4, 2016
5
0
21
31
Hi I only have on single public ip bound to my mac address, so I set up the default network card as described here: https://pve.proxmox.com/wiki/Network_Configuration (Masquerading)

public ip 192.170.64.54 -> to eno1
private network 10.10.10.0/24 -> on vmbr0

all vm's are connected to vmbr0 in the 10.10.10.0/24 network

Now I need to access a webserver on one vm machine (10.10.10.3), set up iptables port forwarding like that:


Code:
iptables -t nat -A PREROUTING -p tcp --dport 8888 -j DNAT --to-destination 10.10.10.3:80
iptables -t nat -A POSTROUTING -p tcp -d 10.10.10.3 --dport 80 -j SNAT --to-source 192.170.64.54

put I can't reach it from within the 192.170.64.0/24 network, what am I missing here?

Best regards Max
 
I've only ever set one up that needed to externally available and just used a dedicated Nic. If you only have one physical port, have you looked at using a vlan? Upstream you'll need to use a managed switch or a router capable of routing that vlan to your gateway.
 
I've only ever set one up that needed to externally available and just used a dedicated Nic. If you only have one physical port, have you looked at using a vlan? Upstream you'll need to use a managed switch or a router capable of routing that vlan to your gateway.

ok so I installed a second nic, but I still cant get it to work with two networks on the same witches.

NIC1 -> (net1) static 192.168.0.10

NIC2 -> (net2) bridge 10.10.10.1

Untitled Diagram(1).jpg

I cannot ping from my second computer the 10.10.10.1 port, this is my configuration file:

Code:
auto lo
iface lo inet manual

auto enp2s0
iface enp2s0 inet dhcp


auto enp1s0f0
iface enp1s0f0 inet manual

auto vmbr0
iface vmbr0 inet static
        address  10.10.10.1
        netmask  24
        bridge-ports enp1s0f0
        bridge-stp off
        bridge-fd 0
        pridge_stp off
        pridge_fd 0
 

Attachments

  • Untitled Diagram.jpg
    Untitled Diagram.jpg
    28 KB · Views: 7

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!