cannot connect to web UI from windows

E

egidijus

Renowned Member
Sep 20, 2015
8
1
68
London
github.com
Hello,

I have been using my proxmox installation for about a year, but every time I make networking changes on the proxmox machine, my windows machine cannot access the web UI.

## My network

  • - 192.168.5.0/24
  • - gateway/router, physical device pfsense, 192.168.5.1
  • - client machine, physical device windows 10, 192.168.5.171
  • - proxmox server, physical device Proxmox VE 8.2.4 x86_64, 192.168.5.111 and 192.168.5.112

## Troubleshooting

  • - I am able to ssh to proxmox.
  • - I am able to curl from WSL or another linux host on the same subnet, and get a response from proxmox ui `curl -ivLk https://192.168.5.111:8006/#v1:0:18:4:::::::`
  • - I have restarted the router, swithes, windows 10 client machine, proxmox.
  • - I have tried using firefox and chrome and edge.
  • - `systemctl status` shows services running healthy on proxmox.
  • - I have flushed the arp tables and /release /renew ip addresses on windows client machine.
  • - Curling from the windows client machine times out/connection reset.


curling from windows machine

Code: 
curl -ivLk https://192.168.5.111:8006/
*   Trying 192.168.5.111:8006...
* Connected to 192.168.5.111 (192.168.5.111) port 8006
* schannel: disabled automatic use of client certificate
* schannel: using IP address, SNI is not supported by OS.
* ALPN: curl offers http/1.1
* Recv failure: Connection was reset
* schannel: failed to receive handshake, SSL/TLS connection failed
* Closing connection
* schannel: shutting down SSL/TLS connection with 192.168.5.111 port 8006
* Send failure: Connection was reset
* schannel: failed to send close msg: Failed sending data to the peer (bytes written: -1)
curl: (35) Recv failure: Connection was reset



> Proxmox network config
> /etc/network/interfaces

Code: 
auto lo
iface lo inet loopback


auto enp2s0
iface enp2s0 inet manual
        mtu 9000
#PRIMARY_UI


auto enp3s0
iface enp3s0 inet static
        address 192.168.5.112/24
        mtu 9000
#BACKUP_UI


iface enp4s0 inet manual


iface enp5s0 inet manual


iface enp6s0 inet manual
#eth4_opnsense_lan_out


iface enp7s0 inet manual
#eth5_opnsense_wan_in


auto vmbr0
iface vmbr0 inet static
        address 192.168.5.111/24
        gateway 192.168.5.1
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0
        mtu 9000
#pve02_shared

1725979126230.png
 
Can you ping from the Windows machine?

Overall I wouldn't recommend using the same subnet on two different NICs, if you don't need absolutely need two IP Addresses on the same subnet, I would do an active-backup bonding on those 2 NICs and just use the same IP address. Otherwise, the answer of your request will reach one interface and go out on the other one. There are ways to circumvent it, but overall this solution is much easier.

Are you using an MTU of 9000 on your Windows machine as well?
 
Using TCP dump on proxmox I see incoming connection from my windows machine on the port 8006.
I am curling to proxmox from windows machine and running tcpdump like this:

Code: 
sudo tcpdump port not 22 and host 192.168.5.171 --interface enp2s0

But after a few acks, nothing ... no connection.

Code: 
12:02:34.756188 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:34.757226 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:34.757560 IP 192.168.5.171.63575 > 224.0.0.252.5355: UDP, length 34
12:02:35.171515 IP 192.168.5.171.63575 > 224.0.0.252.5355: UDP, length 34
12:02:35.757918 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:35.758700 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:35.773386 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:35.774049 IP 192.168.5.171.51188 > 224.0.0.252.5355: UDP, length 34
12:02:35.774218 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:36.037858 IP 192.168.5.171.39790 > 192.168.5.111.8006: Flags [S], seq 564909357, win 62720, options [mss 8960,nop,wscale 8,nop,nop,sackOK], length 0
12:02:36.038089 IP 192.168.5.171.39790 > 192.168.5.111.8006: Flags [.], ack 3301062226, win 8400, length 0
12:02:36.054835 IP 192.168.5.171.39790 > 192.168.5.111.8006: Flags [P.], seq 0:81, ack 1, win 8400, length 81
12:02:36.055608 IP 192.168.5.171.39790 > 192.168.5.111.8006: Flags [.], ack 248, win 8399, length 0
12:02:36.091298 IP 192.168.5.171.39790 > 192.168.5.111.8006: Flags [F.], seq 81, ack 248, win 8399, length 0
12:02:36.102858 IP 192.168.5.171.39791 > 192.168.5.111.8006: Flags [S], seq 845919456, win 62720, options [mss 8960,nop,wscale 8,nop,nop,sackOK], length 0
12:02:36.103058 IP 192.168.5.171.39791 > 192.168.5.111.8006: Flags [.], ack 2846026519, win 8400, length 0
12:02:36.116383 IP 192.168.5.171.39791 > 192.168.5.111.8006: Flags [P.], seq 0:168, ack 1, win 8400, length 168
12:02:36.188795 IP 192.168.5.171.51188 > 224.0.0.252.5355: UDP, length 34
12:02:36.775841 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:36.776608 IP 192.168.5.171.mdns > mdns.mcast.net.mdns: 0 A (QM)? PRINTERDCP-L3550.local. (40)
12:02:41.117814 IP 192.168.5.171.39791 > 192.168.5.111.8006: Flags [.], ack 1, win 8400, length 0

To add insult to injury, I have docker running on this proxmox, and a few containers that I can happily access via browser (ports 1999 and 5001)
 
Last edited:
I am able to connect to the proxmox ui via IPV6 address??
I tried disabling IPV6, but netstat still shows listening on tcp6.
After reverting sysctl changes, and enabling IPV6 netstat shows it is only listening on IPV6

Code: 
tcp6       0      0 :::8006                 :::*                    LISTEN      -
 
I found the solution:
- My windows machine has a "RealTek Semiconductor RTL8125 Gaming 2.5GbE" network adapter built in to the motherboard.
- When I configure 9000 MTU on my proxmox network, my windows machine cannot connect to the proxmox host.
- I have tried changing "network adapter" configuration on the windows machine to support jumbo packets and higher MTU but nothing helps resolve the network issue.
- My switches support jumbo packets.
- TL;DR - only enable jumbo packets and custom MTU if your windows hardware/software REALLY supports jumbo packets.

Thank you all for your help.
 
  • Like
Reactions: KevinS
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom