Proxmox VE: NAT AND BRIDGE with 1 Physical Interface

Baati

New Member
Nov 17, 2013
4
0
1
I am looking for a configuration on debian that would give me an interface that I can use to bridge the host's network and an interface that I can use to NAT the VM-s behind that specific device.

I am planning to move to Proxmox but so far I could not find any guide related to using both of them. I could only find that was dealing with one of them but not both.

If I am correct I need at least two ip from the network of the host's ip (which a public network with fixed ips) and a third one for the VM that is bridged over the physical interface. I actually have no idea how the interfaces files looks like in this case. Can someone please point me to the right direction?
 

Baati

New Member
Nov 17, 2013
4
0
1

auto lo
iface lo inet loopback

iface eth0 inet manual

auto vmbr0
iface vmbr0 inet static
address 79.x.x.x
netmask 255.255.255.0
gateway 79.x.x.x
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0

post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADEWould this be okay?
 

kobuki

Active Member
Dec 30, 2008
459
22
38
It should be "-o vmbr0" for the masquerading rules, since this interface is the one to carry the public ip, otherwise it should be OK.
 

Baati

New Member
Nov 17, 2013
4
0
1
It should be "-o vmbr0" for the masquerading rules, since this interface is the one to carry the public ip, otherwise it should be OK.

So you are saying I can masquared to/on a bridge? I thought NATing on a bridge device is not possible.
 

Baati

New Member
Nov 17, 2013
4
0
1
It should be "-o vmbr0" for the masquerading rules, since this interface is the one to carry the public ip, otherwise it should be OK.

Hey!

I managed to setup and everything is awsome but I cant seem to get port forwaring working. Could you please give me an example if I want to port forward public address:4000 to let say privateaddr rdp (10.10.10.2:3389)?

Thanks in advance and pls urgent.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!