Hello,
Situation:
- 2 real subnet (no VLANs)
- 2 Interfaces on Proxmoxhost
- 1 Interface for the DMZ (bind directly to fortigate)
So i would like to configure the firewall that VMs in the DMZ are not able to communicate over the physical Interface to the hostmachine. So i read the wikithread for firewallconfig. Is it really right that i must configure the firewall first for the host on all needed ports? I only need rules for this DMZzone. But sorry i not really know about this rules. It is not logical for me, ... some rules are not possible.
So for example. I would like to set a firewallrule vor VM100 that this vm can't connect to hostmachine on port 22. So what must i do?
Thanks for help
Situation:
- 2 real subnet (no VLANs)
- 2 Interfaces on Proxmoxhost
- 1 Interface for the DMZ (bind directly to fortigate)
So i would like to configure the firewall that VMs in the DMZ are not able to communicate over the physical Interface to the hostmachine. So i read the wikithread for firewallconfig. Is it really right that i must configure the firewall first for the host on all needed ports? I only need rules for this DMZzone. But sorry i not really know about this rules. It is not logical for me, ... some rules are not possible.
So for example. I would like to set a firewallrule vor VM100 that this vm can't connect to hostmachine on port 22. So what must i do?
Thanks for help