Cannot reach vm's port from host

[venssy]

Hello, pve on a bookworm, i want to route vm's port 22(10.0.0.108) to host port 2022, it always not work. it' s my /etc/network/interfacesanything is wrong?

auto lo
iface lo inet loopback

# auto enp6s0
iface enp6s0 inet manual

auto vmbr0
iface vmbr0 inet static
    address 192.168.0.102/24
    gateway 192.168.0.1
    bridge-ports enp6s0
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        address 10.0.0.1/24
        netmask  255.255.255.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr1/proxy_arp
        post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/24' -o vmbr0 -j MASQUERADE
     
        post-up   iptables -t nat -I PREROUTING -p tcp -i vmbr0 --dport 2022 -j DNAT --to 10.0.0.108:22
        post-down iptables -t nat -D PREROUTING -p tcp -i vmbr0 --dport 2022 -j DNAT --to 10.0.0.108:22
       
        post-up   iptables -t nat -I PREROUTING -p tcp -i vmbr0 --dport 6690 -j DNAT --to 10.0.0.108:6690
        post-down iptables -t nat -D PREROUTING -p tcp -i vmbr0 --dport 6690 -j DNAT --to 10.0.0.108:6690

also try with these code, still failed.

iptables -t nat -A PREROUTING -i vmbr0 -d 192.168.0.102 -p tcp --dport 2022 -j DNAT --to 10.0.0.1:2022
iptables -t nat -A POSTROUTING -o vmbr1 -d 10.0.0.1 -p tcp --dport 2022 -j SNAT --to 10.0.0.108

 

[Moayad]

Hi,

Did you restart the server after you did the changes in your network configuration?

 

[venssy]

Hi,

Did you restart the server after you did the changes in your network configuration?

I restarted network by running systemctl restart networking, and also rebooted machine many times. Now I use brook to redirect port, iptables and rinetd both still not work.