Can't access Webgui on 2nd bridge (no physical nic attached)

merasil

Member
Mar 9, 2020
Hi there,

My problem is the following: I want to be able to connect to the webgui via 2 NICs. Both are bridges, but the 2nd has no bridge port since I only use it for a DMZ. Via the GUI I added an IP to the 2nd bridge and also added the new IP to /etc/hosts of my Proxmox HV. I can ping the new IP, but I can't SSH or access the GUI via the 2nd IP. What am I doing wrong?

Code:
auto vmbr0
iface vmbr0 inet static
        address 172.16.0.11/16
        gateway 172.16.0.254
        bridge-ports eno1
        bridge-stp off
        bridge-fd 0
#Hypervisor

auto vmbr1
iface vmbr1 inet manual
        bridge-ports eno2
        bridge-stp off
        bridge-fd 0
#Intern (Gateway)

auto vmbr2
iface vmbr2 inet manual
        bridge-ports eno3
        bridge-stp off
        bridge-fd 0
#Intern

auto vmbr3
iface vmbr3 inet manual
        bridge-ports eno4
        bridge-stp off
        bridge-fd 0
#Server-DMZi3

auto vmbr4
iface vmbr4 inet manual
        bridge-ports enp5s0f0
        bridge-stp off
        bridge-fd 0
#Extern (Gateway)

auto vmbr5
iface vmbr5 inet manual
        bridge-ports enp5s0f1
        bridge-stp off
        bridge-fd 0
#Extern

auto vmbr6
iface vmbr6 inet manual
        bridge-ports enp5s0f2
        bridge-stp off
        bridge-fd 0
#Extern

auto vmbr7
iface vmbr7 inet manual
        bridge-ports enp5s0f3
        bridge-stp off
        bridge-fd 0
#GuestWlan (Gateway)

auto vmbr8
iface vmbr8 inet manual
        bridge-ports none
        bridge-stp off
        bridge-fd 0
#ServerVM-DMZi1

auto vmbr9
iface vmbr9 inet static
        address 172.21.0.11/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
#ServerVM-DMZi2

Thx for any help
 
What ID has the second one? vmbrX? And what is connected to that one, only VMs?
First one is vmbr0 and second one is vmbr9. vmbr9 is used by vms1,2,3 (172.22.0.1, .2, .254) only and the proxmox host (172.22.0.11).

Setup

vm1 --------|
vm2---------|-------vmbr9-------Gateway (vm3)
proxmox--|
 
So I could enumerate a bit more.

As long as there is a physical NIC bound to the bridge, it works. If I unbind the physical NIC, it stops working. I can still ping the machine, and nmap even discovers all ports (e.g. 111, 8006) as open, but I can't access the webserver. The next step would be to try to debug the webserver in this state... Anyone got a good guess what could cause this?

*EDIT*
OK, got it working. My router is dropping some packets... The thing is: I don't know why.

iptables -A FORWARD -m conntrack --ctstate INVALID -j DROP

That's the rule causing it. Could someone explain to me why invalid packets are necessary for the Proxmox webgui to work?
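
An added illustration, not part of the original posts: one common way packets end up in conntrack's INVALID state is asymmetric routing, where the router forwards the client's packets but the server's replies reach the client by another path. The Python model below is a simplified sketch of that state tracking (not kernel code); that this is what happened in this thread is an assumption, and the flows are constructed.

```python
# Simplified model of a stateful firewall's TCP tracking (not kernel code).
# Only the handshake transitions needed for the illustration are listed;
# any packet without a listed transition is classified INVALID.
TRANSITIONS = {
    ("NONE", "orig", "SYN"): "SYN_SENT",
    ("SYN_SENT", "reply", "SYN-ACK"): "SYN_RECV",
    ("SYN_RECV", "orig", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "orig", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "reply", "ACK"): "ESTABLISHED",
}

def router_view(packets, drop_invalid=True):
    """Classify each packet the router forwards; return (verdicts, final state)."""
    state, verdicts = "NONE", []
    for direction, flags, via_router in packets:
        if not via_router:          # packet took another path; router never sees it
            continue
        new_state = TRANSITIONS.get((state, direction, flags))
        if new_state is None:
            verdicts.append((flags, "DROP" if drop_invalid else "ACCEPT (INVALID)"))
            continue                # an invalid packet does not advance the state
        state = new_state
        verdicts.append((flags, "ACCEPT"))
    return verdicts, state

# Constructed flows: (direction, flags, does it traverse the router?)
SYMMETRIC = [("orig", "SYN", True), ("reply", "SYN-ACK", True),
             ("orig", "ACK", True), ("orig", "ACK", True)]
# Assumed scenario: replies leave through a different interface of the server
ASYMMETRIC = [("orig", "SYN", True), ("reply", "SYN-ACK", False),
              ("orig", "ACK", True), ("orig", "ACK", True)]

if __name__ == "__main__":
    for name, flow in (("symmetric", SYMMETRIC), ("asymmetric", ASYMMETRIC)):
        print(name, *router_view(flow))
```

In the asymmetric flow the router accepts the SYN, never sees the SYN-ACK, and then classifies every following ACK from the client as INVALID, so a rule such as the `--ctstate INVALID -j DROP` one above stalls the session after the handshake's first packet.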
 