Locking down Proxmox Interface

[sahostking]

I would like to lock down SSH and PRoxmox interface (port 8006) using the PVE Firewall.

Anyone have exact steps to follow as I dont want to lock myself out as this particular server is not in the office but in DC and too lazy to take a drive through if anything goes awry

 

[Jesse Norell]

That is the purpose of the 'management' ipset, under Datacenter > Firewall > IPSet

Anyone have exact steps to follow

Untested (as I don't have a new cluster without a firewall to do so) , but should be: go to Datacenter > Firewall > IPSet, click the 'Create' button and add a set called 'management', and add your ip addr(s) to it. Then make sure the firewall is enabled, with an Input Policy of DROP.

 

[lhorace]

Hello,

Hopefully those are static IPs.

Regards