pve nat mode but can't open service port

W

winddu1982

New Member
Mar 23, 2024
3
0
1
use nat mode with config:
nano /etc/network/interfaces

auto lo
iface lo inet loopback

iface ens33 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.1.250/24
gateway 192.168.1.1
bridge-ports ens33
bridge-stp off
bridge-fd 0
post-up iptables -t raw -I PREROUTING -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING -i fwbr+ -j CT --zone 1


auto vmbr1
iface vmbr1 inet static
address 192.168.99.1/24
bridge-ports none
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up bash /root/iptables.config.sh
post-up iptables -t nat -A POSTROUTING -s '192.168.99.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.99.0/24' -o vmbr0 -j MASQUERADE


source /etc/network/interfaces/*


run 2 vms:
1、vm1(windows) ip: 192.168.99.100
2、vm2(windows) ip: 192.168.99.200

open iis port 80 at vm2

add nat port use script iptables.config.sh、iptables.sh 192.168.1.250 : 8080 ===> 192.168.99.200 : 80

in vm1:
I can use 192.168.99.200 in edge browser
but I can't use 192.168.1.250:8080 in edge browser


in vm2:
the same,,,,,can't use 192.168.1.250:8080


but i can use a computer with ip 192.168.1.102 to visit 192.168.1.250:8080

What can i do?
 

Attachments

  • iptables.config.txt
    21 bytes · Views: 1
  • iptables.txt
    4 KB · Views: 2
I don't know...
here it's for hosted website with a domain name, so I used "hosts" file within guest where PVE main ip is a wan ip and guest can't access its website with the public ip.
This allow testing website within guest, using domain name resolved to guest ip itself instead public ip.
(sorry for my wording...)
 
Last edited:
_gabriel said:
I don't know...
here it's for hosted website with a domain name, so I used "hosts" file within guest where PVE main ip is a wan ip and guest can't access its website with the public ip.
This allow testing website within guest, using domain name resolved to guest ip itself instead public ip.
(sorry for my wording...)
Click to expand...
Thanks....:D:D
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back