I have a proxmox server that I am setting up to take the place of my mikrotik router. Currently it’s still offline (no internet access) until I am certain I have the networking worked out.
The first proxmox server I installed was 6.3? and since it was a host in my LAN I used an iptables setup similar to my raspberry pi‘s that allowed LAN connections and only internet access for updates.
I have read that the proxmox firewall is a cascading style but that it doesn’t always work as expected.
Right now I managed to get openwrt installed as a container with two eth adaptors (lan and wan). I haven’t setup the proxmox firewall and now I am curious how I should go about it. I guess it confuses me because on a single proxmox host I see datacenter with a firewall section and then when I expand my node I see another firewall section.
The openwrt container is intended to be my router (dhcp for lan) and my internet access. So the physical connections would be - ISP modem > wan port > openwrt < lan port < cisco switch.
What is the best (recommended way) to setup the firewall for the wan port while still allowing protected internet access to the lan hosts and also protecting the proxmox server itself since it will be connected directly to the ISP.
Thanks in advance
The first proxmox server I installed was 6.3? and since it was a host in my LAN I used an iptables setup similar to my raspberry pi‘s that allowed LAN connections and only internet access for updates.
I have read that the proxmox firewall is a cascading style but that it doesn’t always work as expected.
Right now I managed to get openwrt installed as a container with two eth adaptors (lan and wan). I haven’t setup the proxmox firewall and now I am curious how I should go about it. I guess it confuses me because on a single proxmox host I see datacenter with a firewall section and then when I expand my node I see another firewall section.
The openwrt container is intended to be my router (dhcp for lan) and my internet access. So the physical connections would be - ISP modem > wan port > openwrt < lan port < cisco switch.
What is the best (recommended way) to setup the firewall for the wan port while still allowing protected internet access to the lan hosts and also protecting the proxmox server itself since it will be connected directly to the ISP.
Thanks in advance