Forward to internal LAN with proxmox

[pakradm]

Hello,

I have a Proxmox host with one public IP from my /29 range. My host has a Windows VM & Linux Container. Also my Windows VM has one another public IP from the same /29 range as host. My container doesn't have public IP & use NAT IP & inside it I'm running a custom service on TCP port 9876 & ssh on port 60222.
For clients to access this service I have make a DNAT rule on Proxmox iptables

iptables -t nat -A PREROUTING -i vmbr0 -p tcp -m multiport --dports 9876,60222 -j DNAT --to 192.168.1.2

Now I can access both ssh & my custom service from external network(WAN)
But the problem is that I can't access these services from my Windows VM!
It seems that Proxmox iptables doesn't forward ports when clients connect from /29 range.

By search on google I also found this thread that is very similar to my problem.

https://unix.stackexchange.com/ques...ant-forward-from-to-internal-lan-with-proxmox

auto lo
iface lo inet loopback

allow-hotplug enp0s25

iface enp0s25 inet manual

iface enp6s0 inet manual

auto vmbr0
iface vmbr0 inet static
    address  A.A.A.A
    netmask  255.255.255.248
    gateway  B.B.B.B
    bridge-ports enp0s25
    bridge-stp off
    bridge-fd 0
#External

auto vmbr1
iface vmbr1 inet static
    address  192.168.1.1
    netmask  255.255.255.0
    bridge-ports none
    bridge-stp off
    bridge-fd 0
#NAT

 

[pakradm]

Another Example:

https://forum.proxmox.com/threads/access-hosts-external-ip-from-nated-container.44385/

 

[pakradm]

Hi,
Is there any idea?