Block Proxmox server access from one or more VMs

[Sasha Sandow]

If anybody could help point me in the right direction, I am still fairly new at Proxmox

I have just setup a new Windows server on a dedicated NIC (on it's own network bridge), this is connected directly to a DMZ port on our hardware firewall. The problem is I want to block all access to the server (Proxmox) on this subnet or even just this VM (preferably the whole subnet). The VM is securely separated from our LAN network but I noticed I can still logon to the Proxmox server from the Windows VM, by just using the IP address assigned to the network bridge....

Does anybody have a simple solution to block access to the Proxmox server from this network-bridge, subnet or even just from the single VM on this subnet?

Thanks,
S

 

[wolfgang]

Hi,

simply remove the IP of the vmbr wich is used by the DMZ.
A bridge need not necessarily need an IP.

 

[wolfgang]

Be sure you have an alternative way to manage the PVE host.

 

[Sasha Sandow]

Be sure you have an alternative way to manage the PVE host.

Awesome...Thank you so much... Very simple solution that allows me to protect the server from the DMZ but still allows me to program all my security on our firewall (hardware).... Did not realize that was an option... And yes still have full management from our LAN (or VPN) which is on a whole other bridge....