SingleIP Setup Working - adding SecondIP to Proxmox

[xam]

Hi,

I'm currently running Proxmox with just one Public IP.

eno1 -> vmbr1 -> PfSense WAN
PfSense LAN -> vmbr2 (VM LAN)

Everything working like a charm. Reverse Proxy with NGINX and everything is configured and working.

We do have an issue that one of our servers (Mailstore) doesn't work with reverse proxy -> we've ordered an additional ip Adress, set vmbr0 with 2nd Public IP and Server is reachable over 2nd Public IP.
Now I'm not getting the correct hint to give the Public IP to the VM.

Would be very happy for any advise. - hostet @hetzner

Current configuration:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

iface lo inet6 loopback

# WAN1#
auto eno1
iface eno1 inet static
        address 88.111.11.111/27
        gateway 88.111.11.110
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        up route add -net 88.111.11.109 netmask 255.255.255.224 gw 88.111.11.119 dev eno1
        up echo 1 > /proc/sys/net/ipv4/ip_forward
        up iptables -t nat -A PREROUTING -i eno1 -p tcp -m multiport ! --dport 22,8006 -j DNAT --to 10.0.0.2
        up iptables -t nat -A PREROUTING -i eno1 -p udp -j DNAT --to 10.0.0.2
#WAN1#

iface eth0 inet manual

#WAN1 - PfSense#
auto vmbr1
iface vmbr1 inet static
        address 10.0.0.1/30
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        up iptables -t nat -A POSTROUTING -s '10.0.0.0/8' -o eno1 -j MASQUERADE
        down iptables -t nat -D POSTROUTING -s '10.0.0.0/8' -o eno1 -j MASQUERADE
#WAN1 - PfSense#

#WAN2#
auto vmbr0
iface vmbr0 inet static
        address 88.222.22.222
        netmask 255.255.255.255
        pointopoint 88.222.22.1
        gateway 88.222.22.1
        bridge_ports eno1
        bridge_stp off
        bridge_fd 1
#WAN2#

#VM-LAN#
auto vmbr2
iface vmbr2 inet static
        address 10.100.0.2/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
#VM-LAN#

 

[geimsdin]

I'm currently running Proxmox with just one Public IP.

eno1 -> vmbr1 -> PfSense WAN
PfSense LAN -> vmbr2 (VM LAN)

Everything working like a charm. Reverse Proxy with NGINX and everything is configured and working.

We do have an issue that one of our servers (Mailstore) doesn't work with reverse proxy -> we've ordered an additional ip Adress, set vmbr0 with 2nd Public IP and Server is reachable over 2nd Public IP.
Now I'm not getting the correct hint to give the Public IP to the VM.

Would be very happy for any advise. - hostet @hetzner

Current configuration:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

iface lo inet6 loopback

# WAN1#
auto eno1
iface eno1 inet static
        address 88.111.11.111/27
        gateway 88.111.11.110
        bridge-ports none
        bridge-stp off
        bridge-fd 0

        up route add -net 88.111.11.109 netmask 255.255.255.224 gw 88.111.11.119 dev eno1
        up echo 1 > /proc/sys/net/ipv4/ip_forward
        up iptables -t nat -A PREROUTING -i eno1 -p tcp -m multiport ! --dport 22,8006 -j DNAT --to 10.0.0.2
        up iptables -t nat -A PREROUTING -i eno1 -p udp -j DNAT --to 10.0.0.2
#WAN1#

iface eth0 inet manual

#WAN1 - PfSense#
auto vmbr1
iface vmbr1 inet static
        address 10.0.0.1/30
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        up iptables -t nat -A POSTROUTING -s '10.0.0.0/8' -o eno1 -j MASQUERADE
        down iptables -t nat -D POSTROUTING -s '10.0.0.0/8' -o eno1 -j MASQUERADE
#WAN1 - PfSense#

#WAN2#
auto vmbr0
iface vmbr0 inet static
        address 88.222.22.222
        netmask 255.255.255.255
        pointopoint 88.222.22.1
        gateway 88.222.22.1
        bridge_ports eno1
        bridge_stp off
        bridge_fd 1
#WAN2#

#VM-LAN#
auto vmbr2
iface vmbr2 inet static
        address 10.100.0.2/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
#VM-LAN#

Hi XAM,

I am exactly in your same situation and I was hoping you did get a response but unfortunately noone did help. Did you manage to find the way to make it work on hetzner?
Thanks,

Simone