Hi everyone, I have a proxmox on a dedicated server that has a public ip on the WAN side and I created a DMZ to a virtual machine inside it, I noticed that everything passes except the gre protocol. Can you give me a hand please?
Below I put the configuration of the interfaces:
The firewall in the virtual machine interface is disabled.
I also try to add
iptables -I FORWARD -p gre -j ACCEPT
But nothing change on Routeros VM i can't receive any gre packets
Below I put the configuration of the interfaces:
Code:
auto lo
iface lo inet loopback
iface enp35s0 inet manual <- Uplink interface
iface enp36s0 inet manual
iface enx2ecbfb84894d inet manual
auto vmbr0
iface vmbr0 inet static
address 217.xxx.xxx.xxx/32
gateway 10.255.255.1
bridge-ports enp35s0
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet static
address 10.128.0.1/24
bridge-ports none
bridge-stp off
bridge-fd 0
#Abilito il forwarding
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
#Abilito il masquerade verso la rete uplink delle vm all'avvio dell'interfaccia
post-up iptables -t nat -A POSTROUTING -s '10.128.0.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.128.0.0/24' -o vmbr0 -j MASQUERADE
#Creo un DMZ verso la VM di RouterOS
post-up iptables -t nat -A PREROUTING -p tcp --dport 22 -j ACCEPT
post-up iptables -t nat -A PREROUTING -p tcp --dport 8006 -j ACCEPT
post-up iptables -t nat -A PREROUTING -i vmbr0 -j DNAT --to-destination 10.128.0.2
post-down iptables -t nat -D PREROUTING -p tcp --dport 22 -j ACCEPT
post-down iptables -t nat -D PREROUTING -p tcp --dport 8006 -j ACCEPT
post-down iptables -t nat -D PREROUTING -i vmbr0 -j DNAT --to-destination 10.128.0.2The firewall in the virtual machine interface is disabled.
I also try to add
iptables -I FORWARD -p gre -j ACCEPT
But nothing change on Routeros VM i can't receive any gre packets