Proxmox system can no longer be pinged after firewall

M

Meso

Member
Aug 1, 2020
11
1
23
28
Hello everyone,

When I activate the firewall on the systems, the host itself can no longer access the systems via ping, but I can ping outwards from the VM and make updates, the IP addresses are all stored internally.

If I deactivate the firewall everywhere, the VM can no longer ping a Google server, I don't understand this at all at the moment.

So once firewall is on, ping goes to google.com but the host itself can't ping the VM anymore, once firewall is off on the VM, it can ping but the VM can't ping to the outside anymore

Server is with OVH

the Network settings:
On Dedicated:
Code: 
root@pve1:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface enp1s0f0 inet manual

iface enp1s0f1 inet manual

auto vmbr1
iface vmbr1 inet static
        address 10.0.0.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0

auto vmbr0
iface vmbr0 inet static
        address 51.195.61.41/24
        gateway 51.195.61.254
        bridge-ports enp1s0f0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        bridge-vids 2-4094

on VM:

Code: 
root@web02:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

allow-hotplug ens18
iface ens18 inet static
        address 162.19.141.196/30
        gateway 51.89.43.254
        netmask 255.255.255.255
#
#auto ens19
#iface ens19 inet static
#        address 10.0.0.9/24
#        brigde-ports none
#        bridge-sftp off
#        brdige-fd 0
 

Attachments

  • Screenshot 2024-09-01 110148.png
    Screenshot 2024-09-01 110148.png
    4.4 KB · Views: 2
  • Screenshot 2024-09-01 110136.png
    Screenshot 2024-09-01 110136.png
    23 KB · Views: 1
  • Screenshot 2024-09-01 110134.png
    Screenshot 2024-09-01 110134.png
    18.6 KB · Views: 1
  • Screenshot 2024-09-01 110129.png
    Screenshot 2024-09-01 110129.png
    11.7 KB · Views: 1
  • Screenshot 2024-09-01 110126.png
    Screenshot 2024-09-01 110126.png
    63.6 KB · Views: 1
  • Screenshot 2024-09-01 110112.png
    Screenshot 2024-09-01 110112.png
    8.5 KB · Views: 1
  • Screenshot 2024-09-01 110105.png
    Screenshot 2024-09-01 110105.png
    13.5 KB · Views: 1
  • Screenshot 2024-09-01 110055.png
    Screenshot 2024-09-01 110055.png
    21.3 KB · Views: 1
Last edited:
Hi,

Can you also share the Firewall policy as well, you can see the firewall policy in the Firewall > Options in the PVE Web UI.
 
Hello, I found the problem, there was a wireguard active on the node, it messed everything up, after remove everything was ok again :)
 
  • Like
Reactions: Moayad
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back