Port forwarding VM=>VM

M

maxschaefer

New Member
Jun 4, 2016
2
0
1
39
Hi there,

I currently run a setup like this:


– node; has its own public ipv4 111.222.111.123
–– vm1; has its own public ipv4 111.222.111.234 (vmbr0) and internal connection 192.168.10.2 (vmbr2)
–– vm2; has no public ip but uses NAT with 192.168.0.3 (vmbr1) and internal connection 192.168.10.3 (vmbr2)

The nodes /etc/network/interfaces looks like this:

Code: 
iface eth0 inet manual

auto vmbr0
iface vmbr0 inet static
        address  111.222.111.123
        netmask  255.255.255.224
        gateway  111.222.111.124
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

auto vmbr1
iface vmbr1 inet static
        address  192.168.0.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
        post-up sysctl -w net.ipv4.ip_forward=1
        post-up sysctl -w net.ipv6.conf.all.forwarding=1
        post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
        post-down sysctl -w net.ipv4.ip_forward=0
        post-down sysctl -w net.ipv6.conf.all.forwarding=0
        post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE

auto vmbr2
iface vmbr2 inet static
        address  192.168.10.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0

I would like to know if / how I can forward, lets say, port 1022 on vm1 (public ip 111.222.111.234) to port 22 on vm2 (connected to vm1 via vmbr2) i.e.

111.222.111.234:1022 => 192.168.10.3:22

Thanks
Max
 
Last edited:
Hi stefws,

thanks for your reply. I know that I could do ssh tunelling and I also know that I could do something like

iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 1022 -j DNAT --to 192.168.10.3:22

on the node but this would enable forwarding for the node's public ip not the vm's

111.222.111.123:1022 => 192.168.10.3:22 not 111.222.111.234:1022 => 192.168.10.3:22

The question is: How can I do the same for the vm's public ip to forward not only ssh but also ftp and other ports?

Thanks
Max
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back