Network / Firewall issue
So far I have had KVMs and CTs with public IPs assigned to them; however, this is no longer possible due to the limit on the number of IPs I can have per server from the DC I am in.
I have therefore decided to start having KVMs with private IPs, using NAT redirects of the main server IP to the various internal KVM guests.
However, when I decided to put a firewall on those KVMs (software fw), I realised that I cannot have rules matching specific remote hosts because all the traffic is visible as coming from the hardware node's main IP and not the remote IP.
I therefore cannot create rules with remote IPs to block or allow, as I only see my main IP.
What is the method to overcome/solve this? (Except a hardware firewall please, this is not an option.)
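A guest sees the node's address instead of the remote one when a source-NAT rule on the node also matches connections forwarded in to the guests. The check below is an added example, not part of the original post; it assumes the node does its NAT with iptables, and the interface names, subnet and addresses in the sample are constructed.

```python
import ipaddress
import shlex

# Constructed `iptables-save -t nat` output; vmbr0 (public), vmbr1 (private
# bridge), 10.10.10.0/24 and 203.0.113.10 are assumptions, not from the post.
SAMPLE = """\
*nat
-A PREROUTING -i vmbr0 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 10.10.10.2:22
-A POSTROUTING -s 10.10.10.0/24 -o vmbr0 -j MASQUERADE
-A POSTROUTING -o vmbr1 -j MASQUERADE
-A POSTROUTING -j SNAT --to-source 203.0.113.10
COMMIT
"""

def opt(tok, flag):
    """Value of a non-negated option; None if absent or negated with '!'."""
    if flag not in tok:
        return None
    i = tok.index(flag)
    return None if i and tok[i - 1] == "!" else tok[i + 1]

def source_rewrites(rules_text, public_if, guest_net):
    """Return POSTROUTING SNAT/MASQUERADE rules that can match connections
    forwarded in to the guests, replacing the remote IP the guest would see."""
    guests = ipaddress.ip_network(guest_net)
    risky = []
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", "POSTROUTING"]:
            continue
        if opt(tok, "-j") not in ("SNAT", "MASQUERADE"):
            continue
        src = opt(tok, "-s")
        from_guests = (src is not None and
                       ipaddress.ip_network(src, strict=False).subnet_of(guests))
        # Safe only if limited to traffic leaving by the public interface or
        # originating from the guests; otherwise inbound traffic matches too.
        if opt(tok, "-o") != public_if and not from_guests:
            risky.append(line)
    return risky

if __name__ == "__main__":
    for rule in source_rewrites(SAMPLE, "vmbr0", "10.10.10.0/24"):
        print("rewrites source of inbound traffic:", rule)
```

With only the scoped rule (`-s 10.10.10.0/24 -o vmbr0 -j MASQUERADE`) in place, DNATed connections reach the guest with the remote address intact, so its own firewall can match on remote IPs.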