Help understanding default firewall rules


Dec 14, 2019
Hello everyone,

I'm trying to setup proxmox firewall for the first time. I've used ufw, csf, firewalld prior...seems like having an integrated solution would be nice and my rules aren't super complicated.I was planning on setting up some security groups and applying them. My main confusion comes from

"Default Firewall Rules" @

If I am understanding things correct I don't have to worry about allowing tcp/upd ports for proxmox to run. I could have a default security group that just has all IN and OUT traffic get declined. This would take handle all default configuration needed. I could then, with another group...lets say webserver...apply all the needed rules to allow web servers to work.

Does this sound like a good approach? Thank you.


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!