How to port forward from Guest to Host, specially for port 443

Nugraha

Member
Mar 25, 2019
7
0
6
43
Hello there,

I have problem to port forwarding port 443/https through from VM to Host, i do forwarding setup in /etc/network/interface, there no problems in port 80, i can access the public host ip, but when i try to connect through port 443 is unable to connect, i check the connection by :

Code:
curl -kvv https://myfqdn

The response is OK, but when i'm browse from outside it seems unable to access. I'm already setupthe firewall to open port from VM and host.

This is my /etc/network/interface settings :
Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

iface eth1 inet manual
iface eth2 inet manual
iface eth3 inet manual

auto vmbr0
iface vmbr0 inet static
        address  192.168.7.5
        netmask  255.255.255.0
        gateway  192.168.7.1
        bridge-ports eth0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

auto vmbr1
iface vmbr1 inet static
        address  10.10.11.1
        netmask  255.255.255.0
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094


# Adding Custom Configuration

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '10.10.11.0/24' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '10.10.11.0/24' -o vmbr0 -j MASQUERADE

# HTTP
        post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 10.10.11.2:80
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to 10.10.11.2:80

# HTTPS
        post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 10.10.11.2:443
        post-down iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to 10.10.11.2:443

Thanks in advance for all knidness.


Best regards.
 
I have problem to port forwarding port 443/https through from VM to Host, i do forwarding setup in /etc/network/interface,

It's forwarding from host to VM - right?



The response is OK, but when i'm browse from outside it seems unable to access. I'm already setupthe firewall to open port from VM and host.

Does it work when firewall is disabled?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!