What services and files are required to authorize users using the PAM method? Can a firewall setting affect user authorization in any way? The last time I am configured the firewall.
No, the Firewall should not interfere here, you have access to the pveproxy on port 8006, so that should be fine. Anything else you changed recently? Did you install any custom scripts or the like?What services and files are required to authorize users using the PAM method? Can a firewall setting affect user authorization in any way? The last time I am configured the firewall.
root@prox00 ~ # ip a
2: enp41s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether a8:a1:59:c0:ba:86 brd ff:ff:ff:ff:ff:ff
inet xxx.xxx.xxx.198/27 scope global enp41s0
valid_lft forever preferred_lft forever
root@prox00 ~ # ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4098ms
root@prox00 ~ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4094ms
root@prox00 ~ # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 xxx.xxx.xxx.193 0.0.0.0 UG 0 0 0 enp41s0
xxx.xxx.xxx.192 0.0.0.0 255.255.255.224 U 0 0 0 enp41s0
192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 vmbr1
08:57:15 [root@p550003:~]$ ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10000
link/ether 06:47:d1:8a:9a:eb brd ff:ff:ff:ff:ff:ff
inet 192.168.50.102/24 brd 192.168.50.255 scope global eth0
08:57:25 [root@p550003:~]$ netstat -rn
192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.50.1 0.0.0.0 UG 0 0 0 eth0
08:57:35 [root@p550003:~]$ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=57 time=5.33 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=57 time=5.29 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=57 time=5.28 ms
^C
--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2221ms
rtt min/avg/max/mdev = 5.289/5.305/5.333/0.086 ms
08:57:38 [root@p550003:~]$ ping google.com
PING google.com (142.250.186.142) 56(84) bytes of data.
64 bytes from fra24s07-in-f14.1e100.net (142.250.186.142): icmp_seq=1 ttl=117 time=5.05 ms
64 bytes from fra24s07-in-f14.1e100.net (142.250.186.142): icmp_seq=2 ttl=117 time=5.06 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1861ms
rtt min/avg/max/mdev = 5.054/5.060/5.066/0.006 ms
Do you can halp me, please?No, the Firewall should not interfere here, you have access to the pveproxy on port 8006, so that should be fine. Anything else you changed recently? Did you install any custom scripts or the like?
I overlooked that you run not the latest PVE version, maybe try to upgrade to the latest stable version.
Chain INPUT (policy DROP 50566 packets, 3169K bytes)
pkts bytes target prot opt in out source destination
45857 3356K ACCEPT tcp -- * * xxx.xxx.xxx.xxx 0.0.0.0/0 multiport dports 2233,8006
375 19480 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 2233,8006
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT