[SOLVED] Connect to web-interface with openvpn

Seberius

New Member
Oct 28, 2024
5
0
1
Hello folks!

I just set up my first Proxmox Server (it has only one LAN interface - 192.168.247.5)

and created 2 VM's:
1 - linux mint with openvpn server
2 - linux mint workstation

I wanted 192.168.100.0/24 network for VM's, for example: 1-192.168.100.1, 2 - 192.168.100.2
Openvpn server have to provide 192.168.101.0/24 addresses for clients

But automatically VM's got adresses 192.168.247.50 and 192.168.247.51

1) How can I create 192.168.100.0/24 network inside Proxmox Server?
2) Is it possible to connect Proxmox web-interface through openvpn server (set up 192.168.100.5)?
What i need to do for that?
 
Last edited:
Hey,

you need different bridges for the different networks. So, on vmbr0 is your LAN, so VMs to be on that network they have to have vmbr0 as a network device.

Now you have to create a new bridge, vmbr1, with will be for 192.168.100.0/24, so all VM you want on this network have to have vmbr1 assigned to them. Based on our pots your host should have an IP on this bridge too, namely 192.168.100.5.

About the openvpn VM, how do you plan on connecting to it?
 
  • Like
Reactions: Seberius
Hey Hannes!

About connecting to openvpn vm - i mapped port 1194 at my router to port 1194 at 192.168.247.50 and now vpn connection works fine.

I created new Linux bridge
2024-10-28 14-01-14.png

Added new interfaces to VM's
2024-10-28 14-06-14.png
and set up ip addresses manually

I can ping 192.168.100.5 from 192.168.100.1 and from 192.168.100.2

Vpn client got 192.168.101.2
So i can ping from client ip 192.168.100.2 but can't ping 192.168.100.5
 
Last edited:
Is IPv4 forwarding enabled in the VM? You can check this with sysctl net.ipv4.ip_forward, it should be 1. If it should be 0 you can enable it by adding net.ipv4.ip_forward = 1 to /etc/sysctl.conf and reloading it with sysctl -p.
 
Yes, i made this settings before
With connected VPN i'm getting results:
2024-10-29 10-21-57.png
2024-10-29 10-22-23.png
 
Last edited:
The problem is that 192.168.100.5 does not know how to reach 192.168.101.0/24, so it receives the ping package, but can't answer.

1. You can either set a route to 192.168.101.0/24 through 192.168.100.2 on your default gateway

2. or, setup NAT on 192.168.100.2

1. is probably what you want though.
 
Is it possible to setup gateway in vmbr1 settings?

Why are you talking about setting up route on 192.168.100.2?
In this case gateway between 192.168.100.0 and 192.168.101.0 networks is 192.168.100.1
Maybe I'm wrong?
 
Last edited:
Based on the screenshots you posted it looks like 192.168.100.2 is running the openvpn, if that is not the case replace 192.168.100.2 with the IP of the openvpn server(the VM that can reach 192.168.101.0/24) in the following.

In your ping example 192.168.100.5 can't answer the ping because it can't reach 192.168.101.0/24, since 192.168.101.2 is not on 192.168.100.0/24, it will send packets to the default gateway. This gateway however also does not know how to reach 192.168.101.0/24. The idea is now to teach the gateway how to reach 192.168.101.0/24, and that is done by telling it "send traffic destined for 192.168.101.0/24 to 192.168.100.2", 192.168.100.2 does know how to reach 192.168.101.0/24, so it'll forward packets properly.

For testing you can also just add the route on 192.168.100.5, but you probably want all devices on 192.168.100.0/24 to reach 192.168.101.0/24. Now 192.168.100.5 should be able to reach devices on 192.168.101.0/24.

That would look something like this:
Code:
ip route add 192.168.101.0/24 via 192.168.100.2
 
  • Like
Reactions: vshab and Seberius
Hannes, thank you very much!

Openvpn works on 192.168.100.1 (with clients 192.168.101.0/24)

Adding the route on 192.168.100.5 solved my problem
Code:
ip route add 192.168.101.0/24 via 192.168.100.1
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!