Wiki for reference: https://pve.proxmox.com/wiki/VNC_Client_Access
I'm looking into adding this to some of my VMs to make them more accessible. However, I'd like to isolate the VNC network from Proxmox MGMT in general. I've run into a few issues so far, and I'm not quite sure the best approach.
I'm looking into adding this to some of my VMs to make them more accessible. However, I'd like to isolate the VNC network from Proxmox MGMT in general. I've run into a few issues so far, and I'm not quite sure the best approach.
- The args parameter above seems to only accept two options - 0.0.0.0 for ANY IP address, or 10.20.20.10 for the IP of the host it currently resides. The former is too open for my comfort, and the latter is useless in a clustered scenario where migrations occur. Is there any way to specify an address such as 10.20.20.0/24, or some sort of subnet?
- The ports exposed by the args parameter work differently than I expected. Its a mathematical operation, not a string append. If I specify "args: -vnc 0.0.0.0:150" the actual served port is 6050, NOT 59150. I'd prefer the latter, honestly.
- To separate the VNC and MGMT networks, I created two VMBRs with a VLAN and OVS port on each. However, Proxmox responds to :8006 no matter which VLAN is the source of the connection. I'm looking at the Firewall in Datacenter to mitigate some of this, but it would be nice to configure which range the Proxmox GUI and API listen on. Or maybe I missed where to set that up.