Firewall for VMs

H

hartings

New Member
Feb 19, 2021
1
0
1
35
Hey guys,

I'm a little confused by the firewall settings in the Proxmox VE 6 GUI.
I only have the role PVEVMAdmin, therefore I can only manage my VMs.

My goal is to have 3 VMs on an "internal" network with all outgoing traffic block/drop expect SSH to VM1.
Currently, the firewall is enabled on each VM and on the specific interfaces. The output policy is set to DROP and I added the following rule via the web interface.
  • Type: out
  • Action: ACCEPT
  • Macro: SSH
  • Destination: (IP/Alias of VM1)
However, it is still possible for all VMs to reach the ssh servers of VM2/3 and the web servers of VM1/2/3.

I haven't yet tested if it works with inbound rules.

Your input is apreciated.

Kind regards,
Robert
 
Hello,

have you found a solution? - If no, please send the config for your VMs and the output of firewall status and node version as well:

Code: 
qm config <VMID>
pve-firewall status
systemctl status pve-firewall.service
pveversion -v
 
You must log in or register to reply here.
Top Bottom