Isolate access to lxc only

D

doc_krieger

New Member
Nov 20, 2023
2
0
1
Hi, I'm pretty new to proxmox so I apologize if this is a dumb question but here goes.

I'm looking at spinning up a game server in a lxc and would like to make it accessible to some friends via a VPN (likely wireguard). I was planning on installing wireguard within the same lxc to manage the clients. My question is will that allow the wireguard clients access to just the lxc or will it allow access to my entire system (as example being able to access my proxmox interface or other containers) and if so how do I prevent this. Is it best to use something like ufw to limit access or am I just overthinking it?

Appreciate any help
 
Hello :)
In general wireguard creates a virtual interface in your LXC container and per default client connecting to your wireguard server cannot reach out into the your network, but are restricted to that virtual network.
If you'd like to give them access to your network you'd have to set net.ipv4.ip_forward=1 in your /etc/sysctl.conf
Also using a firewall in general is a good idea, but does not offer you perfect security (as this does not exist).
 
doc_krieger said:
Hi, I'm pretty new to proxmox so I apologize if this is a dumb question but here goes.

I'm looking at spinning up a game server in a lxc and would like to make it accessible to some friends via a VPN (likely wireguard). I was planning on installing wireguard within the same lxc to manage the clients. My question is will that allow the wireguard clients access to just the lxc or will it allow access to my entire system (as example being able to access my proxmox interface or other containers) and if so how do I prevent this. Is it best to use something like ufw to limit access or am I just overthinking it?

Appreciate any help
Click to expand...
Hi, I'm on the same boat as you and I was wondering how you solved your problem? I'm spinning up an AMP server and I would like to open some ports to access from outside, I have looked for different solutions but I'm also learning about all this and I don't understand what's a viable solution.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back