Cant access ssh and web gui after fresh install

NewComer · Wednesday at 18:59

Hi everyone,

Im new to proxmox and kindly need ur help. After fresh install couple times, i still cant access via ssh and web gui. Im assuming its network issue but i can't find the problem. Already searching for many similar threads, but still no results. I'll be kindly appreciate for any help. It always said

Client : 192.168.1.2, Router : 192.168.1.1, PVE : 192.168.1.200
Ping 8.8.8.8

Code:

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=5.27 ms.
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=5.26 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=5.66 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=58 time=5.74 ms
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/aug/max/mdev = 5.260/5.480/5.735/0.219 ms
root@bal-homelab:"# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.342 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.511 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.419 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.491 ms

-- 192.168.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3034ms
rtt min/aug/max/mdeu = 0.342/0.440/0.511/0.066 ms

Ip a

Code:

1: lo: <LOOPBACK, UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 :: 1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eno2: <BROADCAST, MULTICAST, UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master umbre state UP group default qlen 1000
link/ether a8:5e:45:ba:9f:64 brd ff:ff:ff:ff:ff:ff
altname enp3s0
3: wlo1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether c0:b8:83:01:27:fa brd ff:ff:ff:ff:ff:ff
altname wlp0s20f3
4: umbrO: <BROADCAST, MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a8:5e:45:ba:9f:64 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.200/24 scope global umbr0
valid_lft forever preferred_lft forever
inet6 fe80 :: aa5e:45ff:feba:9f64/64 scope link
valid_lft forever preferred_lft forever

/etc/network/interfaces

Code:

auto lo
iface lo inet loopback

iface eno2 inet manual

auto vmbro
iface vmbr0 inet static
address 192.168.1.200/24
gateway 192.168.1.1
bridge-ports eno2
bridge-stp off
bridge-fd 0

iface wlo1 inet manual

source /etc/network/interfaces.d/*

router setting

bbgeek17 · Wednesday at 19:05

Hi @NewComer , welcome to the forum!

You seem to have good communication between your PVE system and the Internet (ping 8.8.8.8). You also showed that you are able to ping the gateway (presumably from your PVE host).

However, are you able to ping from PVE to the Client and vice versa?

What exactly happens when you try to access the UI? What URL are you trying to use? What is the browser? Have you tried a different one? Have you tried Incognito mode?

How are you trying to use SSH? From where? What is the failure?

Cheers

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox

NewComer · Wednesday at 19:18

Thanks for the fast respond!

1. Ping from PVE and vice versa
I already tried it, and it shows 'destination host unreachable', it happens in both system

2. What exactly happens when you try to access the UI? What URL are you trying to use? What is the browser? Have you tried a different one? Have you tried Incognito mode?

- when i try to access it, it shows "This site can't be reached, took too long to respond'
- i tried it in arc, chrome, and edge shows the same result
- yes i tried in incognito mode, just the same and yes i type 'https://' and ':8006' (https://192.168.1.200:8006/)

3. How are you trying to use SSH? From where? What is the failure?
- trying to ssh from client with "ssh root@192.186.1.200 -p 8006"
- the result was ssh: connect to host 192.168.1.200 port 8006: Connection timed out

bbgeek17 · Wednesday at 19:30

NewComer said:
- trying to ssh from client with "ssh root@192.186.1.200 -p 8006"
- the result was ssh: connect to host 192.168.1.200 port 8006: Connection timed out

You don't need to specify the port when using SSH with PVE. If you do want to specify it, you should use the default "22". The 8006 is for GUI access only.

Can you show the exact output using CODE tags and including the actual command you typed:
- Client "ipconfig /all" if windows, "ip a" if Linux
- Client 192.168.1.2 ping to gateway 192.168.1.1
- PVE 192.168.1.200 ping to gateway 192.168.1.1
- PVE 192.168.1.200 ping to client 192.168.1.2
- Client 192.168.1.2 ping to PVE 192.168.1.200
- Client output of "arp -a"
- Proxmox output of "arp -n" (if not installed "apt install net-tools")
- Can you login to your router and issue ping from it to Client and PVE?
- Can you direct connect your client to PVE via a cable and test the ping?

Cheers

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox

bbgeek17 · Wednesday at 19:36

I suspect the many typos in your prior outputs are due to manual retyping of the information in the screen. It is better to take and provide a photo, than introduce uncertainty into the information you are providing.

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox

NewComer · Wednesday at 20:04

- Client "ipconfig /all" if windows, "ip a" if Linux

Code:

Ethernet adapter vEthernet (WSL (Hyper-V firewall)):

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 00-15-5D-D6-31-70
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::288c:f441:f45d:b25a%45(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.25.160.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 754980189
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-9C-0C-9B-9C-6B-00-6E-AA-04
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek Gaming 2.5GbE Family Controller
   Physical Address. . . . . . . . . : 9C-6B-00-6E-AA-04
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::717c:778b:635a:3c9%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, 19 February 2025 18:56:51
   Lease Expires . . . . . . . . . . : Thursday, 20 February 2025 18:56:49
   Default Gateway . . . . . . . . . : fe80::1%4
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 144468736
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2D-9C-0C-9B-9C-6B-00-6E-AA-04
   DNS Servers . . . . . . . . . . . : fe80::1%4
                                       192.168.1.1
                                       fe80::1%4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Local Area Connection* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 7A-46-5C-92-24-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : 7A-46-5C-92-34-05
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RZ616 Wi-Fi 6E 160MHz
   Physical Address. . . . . . . . . : 78-46-5C-92-04-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 78-46-5C-92-04-36
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

- Client 192.168.1.2 ping to gateway 192.168.1.1

Code:

Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

- PVE 192.168.1.200 ping to gateway 192.168.1.1

Code:

PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.342 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.511 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.419 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.491 ms

- PVE 192.168.1.200 ping to client 192.168.1.2
Destination host unreachable

- Client 192.168.1.2 ping to PVE 192.168.1.200
Destination host unreachable

-Client output of "arp -a"

Code:

Interface: 192.168.1.2 --- 0x4
  Internet Address      Physical Address      Type
  192.168.1.1           8c-68-c8-cd-c9-b5     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
  224.0.0.251           01-00-5e-00-00-fb     static
  224.0.0.252           01-00-5e-00-00-fc     static
  239.255.255.250       01-00-5e-7f-ff-fa     static
  255.255.255.255       ff-ff-ff-ff-ff-ff     static

Interface: 172.25.160.1 --- 0x2d
  Internet Address      Physical Address      Type
  172.25.175.255        ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
  224.0.0.251           01-00-5e-00-00-fb     static
  239.255.255.250       01-00-5e-7f-ff-fa     static

-Proxmox output of "arp -n"

- Can you login to your router and issue ping from it to Client and PVE?

Code:

PING 192.168.1.1 (192.168.1.1): 56 data bytes
Reply from 192.168.1.1: bytes=56 ttl=64 time=0.4ms seq=0
Reply from 192.168.1.1: bytes=56 ttl=64 time=0.2ms seq=1
Reply from 192.168.1.1: bytes=56 ttl=64 time=0.1ms seq=2
Reply from 192.168.1.1: bytes=56 ttl=64 time=0.2ms seq=3

--- 192.168.1.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.2/0.4 ms

PING 192.168.1.2 (192.168.1.2): 56 data bytes
Request timed out.
Request timed out.
Request timed out.
Request timed out.

--- 192.168.1.2 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss

PING 192.168.1.200 (192.168.1.200): 56 data bytes
Reply from 192.168.1.200: bytes=56 ttl=64 time=0.8ms seq=0
Reply from 192.168.1.200: bytes=56 ttl=64 time=0.6ms seq=1
Reply from 192.168.1.200: bytes=56 ttl=64 time=0.6ms seq=2
Reply from 192.168.1.200: bytes=56 ttl=64 time=0.6ms seq=3

--- 192.168.1.200 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.6/0.6/0.8 ms

bbgeek17 · Wednesday at 20:15

I suspect the issue, at least partially, is your router.
a) While the Client and PVE are on the same subnet, neither one sees the MAC address of the other. Yet both see the gateway. The simplest explanation - the router is blocking the ARPs
b) The router is also unable to ping the client, which potentially indicates a firewall on client side. The fact that client is able to ping the router indicates an inbound firewall rule on the client is blocking the traffic.
c) Yet, the router is able to ping the PVE. You can likely ssh from the router to PVE. And, perhaps even use "curl -k https://192.168.1.200:8006" from the router. Or, at the very least, "telnet 192.168.1.200 8006" - should connect and react to key presses.

In summary, it is very unlikely that you can find a knob in PVE that would make everything work. Your issue is very likely in your pre-existing network configuration. Some home routers are "too smart for their own good".

As recommended previously, try to eliminate your router with a direct cable connectivity. You may need to set static IP on the windows client.
You can also reach out to your router manufacture's support.

Good luck

Blockbridge : Ultra low latency all-NVME shared storage for Proxmox - https://www.blockbridge.com/proxmox

Search

Search

Cant access ssh and web gui after fresh install

NewComer

New Member

bbgeek17

Distinguished Member

NewComer

New Member

bbgeek17

Distinguished Member

bbgeek17

Distinguished Member

NewComer

New Member

bbgeek17

Distinguished Member

We value your privacy