Hi Guys,
I have a 4-server cluster. I am trying to apply a firewall rule to block one IP range from interacting with or accessing another, but I am unable to do so. I have been scratching my head since morning; if someone can enlighten me a bit, it would be great. The firewall is enabled on Datacenter -> Node -> VM as well, but I am still unable to get the rule applied on the VM. pve-firewall status also shows running.
Currently using the latest Proxmox version, 7.2-7, with a bridge network; DHCP is managed by the switch.
Trying to block the 10.250.0.3 (vm-ip) subnet from accessing 10.250.50.0/23 (mgmt-ip), which includes blocking the Proxmox GUI as well.
Attached is the FW rule along with the cluster FW config.
Code:
[OPTIONS]
enable: 1
[IPSET dns]
10.250.0.2
[IPSET mgmt-ip] # 0.x Segment
10.250.0.0/23 # 0 Segmentation(mgmt)
[IPSET nfs-ip]
10.250.2.10
[IPSET vm-ip] # 50.x Segment
10.250.50.0/23 # 50.x Segment IP (VMs)
[IPSET vpn-ip] # VPN segment
10.250.1.0/24
[RULES]
IN ACCEPT -source +vpn-ip -p tcp -dport 22,8006 -log nolog
IN DROP -source +vm-ip -dest +mgmt-ip -log nolog # disable play seg to mgmt seg
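An added example, not part of the original post and not Proxmox code: a small Python check that loads the posted IPSETs and rules and reports which rule, if any, covers a given source/destination address pair. It compares addresses only (protocol, ports, direction and the way pve-firewall compiles rules are ignored), and the function names `parse`, `covers` and `verdict` are made up for this sketch.

```python
import ipaddress
import re

# Cluster firewall config as posted above.
CLUSTER_FW = """\
[OPTIONS]
enable: 1
[IPSET dns]
10.250.0.2
[IPSET mgmt-ip] # 0.x Segment
10.250.0.0/23 # 0 Segmentation(mgmt)
[IPSET nfs-ip]
10.250.2.10
[IPSET vm-ip] # 50.x Segment
10.250.50.0/23 # 50.x Segment IP (VMs)
[IPSET vpn-ip] # VPN segment
10.250.1.0/24
[RULES]
IN ACCEPT -source +vpn-ip -p tcp -dport 22,8006 -log nolog
IN DROP -source +vm-ip -dest +mgmt-ip -log nolog # disable play seg to mgmt seg
"""

def parse(text):
    """Return (ipsets, rules) built from the IPSET and RULES sections."""
    ipsets, rules, kind, name = {}, [], None, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        header = re.fullmatch(r"\[(\w+)(?:\s+([^\]\s]+))?\]", line)
        if header:
            kind, name = header.groups()
        elif line and kind == "IPSET":
            ipsets.setdefault(name, []).append(ipaddress.ip_network(line))
        elif line and kind == "RULES":
            tok = line.split()
            rules.append((tok[1], dict(zip(tok[2::2], tok[3::2]))))
    return ipsets, rules

def covers(ipsets, ref, ip):
    """True if ip is inside the '+name' set; an absent option matches any address."""
    return ref is None or any(
        ipaddress.ip_address(ip) in net for net in ipsets[ref.lstrip("+")])

def verdict(src, dst, text=CLUSTER_FW):
    """First rule whose -source/-dest sets cover the pair (address-only simplification)."""
    ipsets, rules = parse(text)
    for action, opts in rules:
        if covers(ipsets, opts.get("-source"), src) and covers(ipsets, opts.get("-dest"), dst):
            return action
    return None
```

With the posted sets, `verdict("10.250.50.10", "10.250.0.3")` returns `DROP` and `verdict("10.250.0.3", "10.250.50.10")` returns `None`, so it is worth checking which segment each address in the question belongs to.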