Help with opening ports to the internet

bobro2

New Member
Aug 24, 2023
2
0
1
Hey everyone,

currently, I am struggling with opening some ports to the internet. My setup is:
- ISP modem with DHCP enabled (ISP ensured me that the ports should be open here)
- Aliexpress box with PVE and some VMs.
- One of the VMs is acting as my main router/DHCP server/firewall (OPNsense). It is getting IP from ISP modem.

The internet works in all of the VMs and the whole network. But I am struggling to open ports. I have Port Forwarding set up in the firewall.

Also I do not see any incoming traffic co my VM firewall. Using standard port checkers online.

PVE forewall is disabled on datacenter level.

Using only 2NICs, one as WAN the other one as LAN.

/etc/network/interfaces
Code:
auto lo
iface lo inet loopback

iface enp2s0 inet manual

iface enp3s0 inet manual

iface enp4s0 inet manual

iface enp5s0 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0
#WAN

auto vmbr1
iface vmbr1 inet static
        address 192.168.1.3/24
        gateway 192.168.1.1
        bridge-ports enp3s0
        bridge-stp off
        bridge-fd 0
#LAN

My goal is to open some ports of services I am currently running to the internet so some other online services can access them. And no VPN is not the solution for me.

Any help is appreciated.
 
Last edited:
Hey everyone,

currently, I am struggling with opening some ports to the internet. My setup is:
- ISP modem with DHCP enabled (ISP ensured me that the ports should be open here)
- Aliexpress box with PVE and some VMs.
- One of the VMs is acting as my main router/DHCP server/firewall (OPNsense). It is getting IP from ISP modem.

The internet works in all of the VMs and the whole network. But I am struggling to open ports. I have Port Forwarding set up in the firewall.

Also I do not see any incoming traffic co my VM firewall. Using standard port checkers online.

PVE forewall is disabled on datacenter level.

Using only 2NICs, one as WAN the other one as LAN.

/etc/network/interfaces
Code:
auto lo
iface lo inet loopback

iface enp2s0 inet manual

iface enp3s0 inet manual

iface enp4s0 inet manual

iface enp5s0 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0
#WAN

auto vmbr1
iface vmbr1 inet static
        address 192.168.1.3/24
        gateway 192.168.1.1
        bridge-ports enp3s0
        bridge-stp off
        bridge-fd 0
#LAN

My goal is to open some ports of services I am currently running to the internet so some other online angry gran services can access them. And no VPN is not the solution for me.

Any help is appreciated.
Does the VM acting as your router/firewall have a public IP address assigned by your ISP modem? I think you face this problem here and you can check this by logging into the OPNsense web interface and going to Interfaces ‣ Overview. If the WAN interface has a private IP address (such as 192.168.x.x or 10.x.x.x), then you may need to enable bridge mode on your ISP modem or use DMZ to forward all traffic to your VM.
 
Does the VM acting as your router/firewall have a public IP address assigned by your ISP modem? I think you face this problem here and you can check this by logging into the OPNsense web interface and going to Interfaces ‣ Overview. If the WAN interface has a private IP address (such as 192.168.x.x or 10.x.x.x), then you may need to enable bridge mode on your ISP modem or use DMZ to forward all traffic to your VM.
It has an assigned IP by the ISP modem DHCP server.
It starts with 10.x.x.x I think it is local because my external IP is different.
I cannot change anything useful in the ISP modem sadly.

Any tips how to setup DMZ in PVE?
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!