Hi,
I have a pve on Internet, I want to block any traffic between VMs, and allow them to go to Internet only.
I enabled the firewall on datacenter, node and vm level.
The node firewall works, I can only connect to it from my office public IP address, but the VM pve firewall doesn't DROP anything.
The default IN rule in all VMs firewall is DROP, anyway if from VM with IP 10.10.10.100 I do a "curl -k https://10.10.10.101", I get an answer from the webserver.
The firewall configurations only contain the "enable: 1" flag, there isn't the default DROP rule, probably because it's the default.
Thank you for any help.
EDIT: I add this is a nested PVE.
				
			I have a pve on Internet, I want to block any traffic between VMs, and allow them to go to Internet only.
I enabled the firewall on datacenter, node and vm level.
The node firewall works, I can only connect to it from my office public IP address, but the VM pve firewall doesn't DROP anything.
The default IN rule in all VMs firewall is DROP, anyway if from VM with IP 10.10.10.100 I do a "curl -k https://10.10.10.101", I get an answer from the webserver.
The firewall configurations only contain the "enable: 1" flag, there isn't the default DROP rule, probably because it's the default.
Thank you for any help.
EDIT: I add this is a nested PVE.
			
				Last edited: 
				
		
	
										
										
											
	
										
									
								 
	