Hello,
im playing around with Proxmox at home wanting to put it on a dedicated sever at Hetzner later, and have some trouble using a private network for the VMs.
The config below works, i can Ping from a Container in the private net(192.168) to my Desktop in my LAN (10.10), and if i look at the Ping in Wireshark the source IP is 10.10.0.200. But if i now enable the Firewall in Proxmox, the source IP of the ping request changes to the private address of the Container, and it does not receive the reply.
The masquerade rule is still in the NAT table after enabling the Firewall, but it does not get executed.
im playing around with Proxmox at home wanting to put it on a dedicated sever at Hetzner later, and have some trouble using a private network for the VMs.
The config below works, i can Ping from a Container in the private net(192.168) to my Desktop in my LAN (10.10), and if i look at the Ping in Wireshark the source IP is 10.10.0.200. But if i now enable the Firewall in Proxmox, the source IP of the ping request changes to the private address of the Container, and it does not receive the reply.
The masquerade rule is still in the NAT table after enabling the Firewall, but it does not get executed.
Code:
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
iface lo inet6 loopback
iface eno1 inet manual
auto vmbr0
iface vmbr0 inet static
address 192.168.1.1
netmask 24
bridge-ports none
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet static
address 10.10.0.200
netmask 24
gateway 10.10.0.1
bridge-ports eno1
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr1 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr1 -j MASQUERADE