Public IPs and monitoring for Promox firewall

I

impire

Active Member
Jun 10, 2010
108
0
36
Hello,

Apologize in advance for newbie questions.

1) I am currently using a dedicated firewall in front of the Proxmox clusters (5 servers). The clusters are on internal LAN.

I only need one public IP which give me access to internal lan, from there I can manage all the servers on the clusters. Please correct me if I am wrong, but with Proxmox firewall I would need a public IP for each of the servers on the cluster. That's 4 more IPs than I need to manage the servers.

The ISP charges monthly for each additional IP so ideally I would want to minimize its usage. It would be nice of there's a way for the Proxmox servers on Proxmox firewall to share one public IP.

2) Although I love the fact that Proxmox have integrated firewall, I don't see any monitoring capability. There's no way to tell what's the firewalls are doing (logs, packets, bandwidth, etc). Does anyone know of tools that can give better monitoring/reporting capability for the Proxmox firewall.

Thank you in advance for your help.

Regards,

Todd
 
If I were you in that scenario, I would forward some ports on the one IP you have to a VPN (either a real hardware one, or a VM/CT in the cluster). You can then connect to that from the outside world and get a local IP. From there, you can access the cluster as if you were local.

The firewall is 'just' iptables. Any monitoring you'd normally do can be done with it as well. There's a traffic overview for example within the web interface.
 
Thank you very much for your help.

So I still need to assign a public IP for each of the servers in the cluster? I have 5 Proxmox servers.
 
Not at all. The VPN will put you securely 'in' the private network. You can then access all 5 servers in the cluster, as if you were on the same physical private LAN. You don't need to order any more public IP addresses. Your 5 servers all have private IP's, and the VPN will (subject to correct setup) give you an IP in that same subnet.

Eg:

Proxmox1: 10.10.10.1
Proxmox2: 10.10.10.2
Proxmox3: 10.10.10.3
....
Router: 10.10.10.254

You, via VPN: 10.10.10.253 (eg).
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back