I have my proxmox ve 3.3 cluster setup. I have created a vm and internal to my network I can open console but externally it will not come up. I researched the java issue and followed the steps but that was no help. I have played with the pve-firewall but I am at a point that I cut it off till I can get it to work. I am using a cisco 1841 for port forwarding that I would like to continue to use. Here is what I had when the firewall was enabled
[OPTIONS]
enable: 0
[IPSET client-44]
[RULES]
IN SSH(ACCEPT) -source 50.31.1.62
IN SSH(ACCEPT) -source 122.181.3.130
IN SSH(ACCEPT) -source 203.197.151.138
IN SSH(ACCEPT) -source 203.200.152.147
IN SSH(ACCEPT) -source 10.10.10.0/24
IN SSH(ACCEPT) -source 172.17.254.220
IN SSH(ACCEPT) -source 10.66.66.0/24
IN ACCEPT -p tcp -dport 80
IN ACCEPT -p tcp -dport 443
IN ACCEPT -p tcp -dport 8006
IN ACCEPT -p tcp -dport 5900,5901,5902,5903,5904,5905,5906,5907,5908,5909,5910
IN ACCEPT -p tcp -dport 3128
[group client-44]
[group client-net]
[group dmz]
[group host-net]
[group int-mgmt]
and here is my config for my router
no ip http server
no ip http secure-server
ip nat pool VNC 10.10.10.201 10.10.10.201 netmask 255.255.255.0 type rotary
ip nat inside source list NAT-ACL interface FastEthernet0/0 overload
ip nat inside source static tcp 10.10.10.201 22 interface FastEthernet0/0 22
ip nat inside source static udp 10.66.66.47 1194 interface FastEthernet0/0 1194
ip nat inside source static tcp 10.10.10.201 3128 interface FastEthernet0/0 3128
ip nat inside source static tcp 10.10.10.201 8006 interface FastEthernet0/0 8006
ip nat inside destination list NAT-ACL pool VNC
!
ip access-list extended NAT-ACL
permit ip 10.10.0.0 0.0.255.255 any
permit ip 10.66.66.0 0.0.0.255 any
permit tcp any any range 5900 5999
Any help would be greatly appreciated.
[OPTIONS]
enable: 0
[IPSET client-44]
[RULES]
IN SSH(ACCEPT) -source 50.31.1.62
IN SSH(ACCEPT) -source 122.181.3.130
IN SSH(ACCEPT) -source 203.197.151.138
IN SSH(ACCEPT) -source 203.200.152.147
IN SSH(ACCEPT) -source 10.10.10.0/24
IN SSH(ACCEPT) -source 172.17.254.220
IN SSH(ACCEPT) -source 10.66.66.0/24
IN ACCEPT -p tcp -dport 80
IN ACCEPT -p tcp -dport 443
IN ACCEPT -p tcp -dport 8006
IN ACCEPT -p tcp -dport 5900,5901,5902,5903,5904,5905,5906,5907,5908,5909,5910
IN ACCEPT -p tcp -dport 3128
[group client-44]
[group client-net]
[group dmz]
[group host-net]
[group int-mgmt]
and here is my config for my router
no ip http server
no ip http secure-server
ip nat pool VNC 10.10.10.201 10.10.10.201 netmask 255.255.255.0 type rotary
ip nat inside source list NAT-ACL interface FastEthernet0/0 overload
ip nat inside source static tcp 10.10.10.201 22 interface FastEthernet0/0 22
ip nat inside source static udp 10.66.66.47 1194 interface FastEthernet0/0 1194
ip nat inside source static tcp 10.10.10.201 3128 interface FastEthernet0/0 3128
ip nat inside source static tcp 10.10.10.201 8006 interface FastEthernet0/0 8006
ip nat inside destination list NAT-ACL pool VNC
!
ip access-list extended NAT-ACL
permit ip 10.10.0.0 0.0.255.255 any
permit ip 10.66.66.0 0.0.0.255 any
permit tcp any any range 5900 5999
Any help would be greatly appreciated.