I realise I'm one of many to have asked this question and I've searched this forum and followed the documentation stept to setup NAT but I keep getting "No route to host" errors in my VM. The annoying bit is that I had this working but had to reinstall Proxmox as I upgraded the hardware of the server.
I've installed Proxmox 6.2 on a dedicated server and I can access the server's web configuration and SSH in to the server. The server has two public IP-addresses. I want to install pfSense in a VM to act as a firewall for the network where all the other VM's are and route traffic between the VM's and the internet.
The "No route to host" error is given on the pfSense VM.
My /etc/network/interfaces config:
Both vmbr0 and vmbr1 are the connections to the outside world. These bridges were created by Proxmox during the installation of the OS.
vmbr2 is the network for the WAN part of pfSense and vmbr3 is the LAN for pfSense and where the other VM's will be connected to.
pfSense WAN is configured with a static ip address: 10.0.0.2/8. Pinging 10.0.0.1 from pfSense works. When I ping an IP-address on the internet, say 1.1.1.1 or 8.8.8.8, i get the "No route to host" error. Also pinging the ip of the host server (vmbr0) and pinging the gateway from the host (vmbr) both return "No route to host".
Comparing this configuration with the examples from the documentation and from e.g. this blog post (https://schroederdennis.de/allgemei...ver-mit-nur-1-public-ip-addresse-pfsense-nat/) this config should work. Have I missed something? Is the error even in Proxmox or in the pfSense VM configuration?
I've installed Proxmox 6.2 on a dedicated server and I can access the server's web configuration and SSH in to the server. The server has two public IP-addresses. I want to install pfSense in a VM to act as a firewall for the network where all the other VM's are and route traffic between the VM's and the internet.
The "No route to host" error is given on the pfSense VM.
My /etc/network/interfaces config:
Code:
auto lo
iface lo inet loopback
iface enp196s0 inet manual
iface enp5s0f3u2u2c2 inet manual
auto vmbr0
iface vmbr0 inet static
address 168.119.XX.XX/26
gateway 168.119.XX.X
bridge-ports enp196s0
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp -m multiport ! --dport 22,8006 -j DNAT --to 10.0.0.2
post-up iptables -t nat -A PREROUTING -i vmbr0 -p udp -j DNAT --to 10.0.0.2
auto vmbr1
iface vmbr1 inet static
address 168.119.XX.XX/26
bridge-ports enp5s0f3u2u2c2
bridge-stp off
bridge-fd 0
auto vmbr2
iface vmbr2 inet static
address 10.0.0.1/8
bridge-ports none
bridge-stp off
bridge-fd 0
post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/8' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/8' -o vmbr0 -j MASQUERADE
#pfSense
auto vmbr3
iface vmbr3 inet static
address 192.0.0.1/8
bridge-ports none
bridge-stp off
bridge-fd 0
#VM'sBoth vmbr0 and vmbr1 are the connections to the outside world. These bridges were created by Proxmox during the installation of the OS.
vmbr2 is the network for the WAN part of pfSense and vmbr3 is the LAN for pfSense and where the other VM's will be connected to.
pfSense WAN is configured with a static ip address: 10.0.0.2/8. Pinging 10.0.0.1 from pfSense works. When I ping an IP-address on the internet, say 1.1.1.1 or 8.8.8.8, i get the "No route to host" error. Also pinging the ip of the host server (vmbr0) and pinging the gateway from the host (vmbr) both return "No route to host".
Comparing this configuration with the examples from the documentation and from e.g. this blog post (https://schroederdennis.de/allgemei...ver-mit-nur-1-public-ip-addresse-pfsense-nat/) this config should work. Have I missed something? Is the error even in Proxmox or in the pfSense VM configuration?