Port Fowarding

M

me14606

New Member
Nov 9, 2022
4
0
1
I am trying to port foward HTTP:80 to IP: 24.12.3.250
I can access my website from 24.12.4.250 since it on the internal network shown below, but when its time to access it from outside the private network I can't access it. (The unnamed router at the top is my home network with the subnet 192.168.0.0/24)
Say I try and access it from my computer: 192.168.0.254, it won't work (I type in 192.168.0.26 as the URL)
Ive seen some other threads with similar issues and resolutions, but I have various bridges, they only use one bridge.
Port fowarding is already set up on my firewall in the internal network

--ALSO--
Using nmap I see a http-squid:3128 port open I was curious as to what that is, maybe it has something to do with what Ive been doing

Sorry in advanced lol, I'm a newbie and made a frankenstein attempt to make it work from different fourms
Any other advice for my network would be appreciated!
**eno1 is the network device, vmbr0 is the bridge thats directly connected to it**
**The router with ip 192.168.0.27 & 24.12.4.249 is using NAT (see last pic) **

routerr.png

1.png
2.png
nat.png
 

Attachments

  • nat.png
    nat.png
    3.2 KB · Views: 8
Port forwarding without 'MASQUERADE' may cause problems (since the source-destination at seen endpoint appears asymmetric then). Best practice: to avoid this is when using part forwarding simply to configure
Code: 
iptables -t nat -A POSTROUTING -j MASQUERADE
for having MASQUERADE unconditionally in all cases.

Since I did so it in my personal VPN I do not have routing problems any more (before I had also a lot of these).
 
Richard said:
Port forwarding without 'MASQUERADE' may cause problems (since the source-destination at seen endpoint appears asymmetric then). Best practice: to avoid this is when using part forwarding simply to configure
Code: 
iptables -t nat -A POSTROUTING -j MASQUERADE
for having MASQUERADE unconditionally in all cases.

Since I did so it in my personal VPN I do not have routing problems any more (before I had also a lot of these).
Click to expand...
I dont know anything about iptables, could you please elaborate. I do have marsquerading on, just not in eno1
 
Run simply the command mentioned before:

iptables -t nat -A POSTROUTING -j MASQUERADE
 
Thank you so much, that worked!
I do notice that the load times are very slow, compared to accessing the website from inside the hypervisor.
I am hosing a single website using wordpress. Below are my specs.
The VM uses a Gen 4 M.2 SSD, with unlimited bandwidhth.
CPU running my Proxmox Hypervisor is:
8 x Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz (1 Socket)
webserver_setup.png
 
Richard said:
Run simply the command mentioned before:

iptables -t nat -A POSTROUTING -j MASQUERADE
Click to expand...
After a reboot this occuredScreenshot 2022-12-05 134337.png
NAT isnt working properly, its redirecting to the internal address.
I typed 192.168.0.26 and it did this
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back