[SOLVED] Endian Firewall Community

jose.cardoso

Hello all.

I know it's not a recommended setup and might not make much sense but, I used to have an Endian Firewall Community Edition VM on my ESXi servers, so I can make some trials and new employee education.

I'm now migrating all my internal ESXi servers to PVE, so I can be fully confident to implement it on my customers and, when migrating an HP Microserver where I used to have these testing VMs, I've set up some Endian Firewall Community on the PVE.

After the initial setup, made over PVE console, I should continue the setup on the web interface on port 10443.

But, when I try to access this web interface, I can't connect, because the connection is refused.

I've tried SSH access on port 22, and I can't connect either.

I can ping the vm.

I saw a post on the forum where one user changed the NICs to Intel E1000 to solve the problem, but even with this change I can't connect.

Do you know what might be happening?

Thanks in advance.
 
Hello
I assume you configured external access to your Endian firewall in advance.
Can you access the Endian firewall VM via GUI VM -> Console?
 
Yes, I do. And I can ping from local network. But I get connection refused over port 10443 and 22.

 
Hi José,

I've already previously installed Endian in PVE and didn't have any issues accessing it. What I recommend is that you use VirtIO for the network interface model.

Also, could you please try accessing the Endian CLI and do a ping to a computer in your network.

And last, ensure you're using https://192.168.0.15:10443. I know that Endian can reject access if you're not using https.
 
Ok. I've changed the Endian IP address to 192.168.69.66.

I can ping my computer (192.168.69.69) from the VM.


I can ping from my computer to the Endian VM


Still, I can't connect.


These are my VM settings.


I can't understand what I'm missing...
 
Hi José,

Try doing Endian's network configuration again and enable access from red and green interfaces.
 
Huummm. OK.

I can ping gateway 192.168.70.254, 1.1.1.1 and google.pt, so DNS is working.


Still, no luck...
 
It's possible, however your network setup for the Linux bridge vmbr0 should have as CIDR 192.168.69.0/24 and the gateway of your network 192.168.69.0/24.

What I understand is that eth0 is the network interface for vmbr0, so it should use an IP in that range and you have communication between hosts in that network.

Regarding vmbr1, it should be configured for a different port to provide a different interface for Endian's red interface.
 
Right, I think everything is OK with that. I just don't have a CIDR for the external network (I don't think it's needed), but all the rest is OK.

 
Hi José,

I was able to reproduce your setup and I can't reproduce the issue. The only important thing is that Endian requires 2 network interfaces, and you have enabled them both, eth0 and eth1. It's OK to keep the CIDR configuration blank for vmbr1 if you are not planning to access through the red interface yet.

The only interesting thing that I noticed is that Endian's configuration took a while to be applied so the web interface was available. You can also disable the tick for "Firewall" in network interface "net0" but it is not necessary as the firewall is disabled by default for VMs in Proxmox.

Also give the restarthttpd command a try in Endian.
 
Well, I've just created a new VM, and it's working!

I really can't understand why, because I've used exactly the same settings but, anyway, it's working!
Thanks for all the support.

 
  • Like
Reactions: hd--
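
Added example, not part of any post in this thread: a small Python probe that separates the symptom reported above (ping works, TCP 10443 and 22 are refused) from a connection that is silently dropped. The function names, the result labels and the use of 192.168.69.66 as default target (the address given in the thread) are assumptions of this example.

```python
import errno
import socket
import sys

# What each result means for the symptom in this thread (ping OK, TCP fails).
MEANING = {
    "open": "a service is listening; try the https:// URL next",
    "refused": "host replied with a reset: nothing listens on the port yet, "
               "or a firewall rule actively rejects it",
    "filtered": "no reply at all: packets are dropped (firewall DROP rule, "
                "wrong bridge or VLAN)",
    "unreachable": "no route to the address: check IP, netmask and bridge",
}

def probe(host, port, timeout=3.0):
    """Classify a single TCP connect attempt to host:port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise
    finally:
        sock.close()

def diagnose(host, ports=(10443, 22)):
    """Probe the management ports named in the thread; return {port: state}."""
    return {port: probe(host, port) for port in ports}

if __name__ == "__main__":
    # Default address is the one used in the thread; pass another as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.69.66"
    for port, state in diagnose(target).items():
        print(f"{target}:{port} -> {state}: {MEANING[state]}")
```

A "refused" result combined with a working ping points at the service or firewall rules inside the VM rather than at the Proxmox bridge, which is where the console checks suggested in the thread apply.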
