Simple firewall configuration

Chrisuk1978

New Member
Sep 4, 2016
Hi all,

I am just getting started with Proxmox. I presently have a single node hosting only one container.

The container is running a PBX, for which I need to expose a single port to my provider (IAX2: 4569 UDP). Accepting the risks, in the first instance I would like the firewall running in the container app to manage the security. Once I have convinced myself of calls in and out, I will add more security around the PVE side of the setup.

Presently I am attempting the following:

External (Hardware) Router
- Port forward 4569 UDP to 192.168.0.nnn

Datacenter Firewall:
- Input policy: ACCEPT
- Output policy: ACCEPT

Node Firewall:
- Disabled

LXC Container 101 Network:
- Firewall: Disabled

LXC Container 101 Firewall:
- Disabled
- Input policy: ACCEPT
- Output policy: ACCEPT

Container (Elastix) Firewall:
- Configured

I presume that the above settings, at least as far as PVE is concerned, will permit bidirectional traffic to the container? Does a disabled firewall also automatically block the inbound traffic in my configuration above?

I can see that local network traffic is routed to the LXC container, and also the container can connect back to the provider on the outbound route; however, inbound calls are not getting to where they need to be.

All firmware/software is updated to the latest available (PVE 4.4, Elastix 2.5), etc.

Many thanks.

All best,
Chris.
 

I presume that the above settings, at least as far as PVE is concerned will permit bidirectional traffic to the container?

Yes - since your Node Firewall is disabled there are no restrictions at all; even if you enabled it, nothing would be blocked since you have set the policies to ACCEPT.

Does a disabled firewall also automatically block the inbound traffic in my configuration above?

No - a disabled firewall is not active and blocks nothing. But if you mean "Input policy REJECT" (or "DROP"): all incoming traffic (except access to SSH and the web GUI) to the PVE host will be blocked as soon as the host (Node) firewall is also enabled.
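
The layers discussed in this thread, written out as Proxmox VE firewall files. This is an added example, not part of either post: it assumes the standard file locations under /etc/pve/firewall/ and shows the stricter follow-up state the original poster mentions (default-drop inbound on container 101 with only IAX2 allowed), not the all-ACCEPT test setup.

```ini
# /etc/pve/firewall/cluster.fw  (Datacenter level)
# The datacenter firewall must be enabled before any node or guest
# firewall takes effect. Policies are left at ACCEPT, as in the thread.
[OPTIONS]
enable: 1
policy_in: ACCEPT
policy_out: ACCEPT

# /etc/pve/firewall/101.fw  (LXC container 101)
# Inbound traffic is dropped by default; outbound stays open so the PBX
# can still register with the provider.
[OPTIONS]
enable: 1
policy_in: DROP
policy_out: ACCEPT

[RULES]
IN ACCEPT -p udp -dport 4569 # IAX2 from the provider
```

The guest rules only apply to a network device whose Firewall option is enabled, and that option is currently Disabled on container 101's network device in the configuration listed above.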
 
