SPICE and VPN - one ip able to connect others not...

Alt0160

New Member
Nov 12, 2015
2
0
1
Hi,
I set up a road warrior L2TP/IPSec VPN on a PFSense firewall and i have 2 users with static IP. Let's say 192.168.1.9 and 192.168.1.10 in an
192.168.1.8/29 network an L2TP server located at 192.168.1.7. No issues with that, i followed the PFSense howto.
I connect using the Microsoft Windows 10 built in tool (can't test with another OS a this moment).

Opening a console with NoVNC works fine whatever the user/ip, but when trying to open a SPICE console only the first ip (192.168.1.9 whatever the user) is able to get a display.

After spending my morning reading logs, docs, forums, and testing... I'm still stuck (brain error 500 please reboot). What did i missed or not understood ?

Can someone give me a hint on what to do to find what's going on and solve this issue.

proxmox-ve: 6.0-2 (running kernel: 5.0.21-1-pve)
spiceterm: 3.1-1
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
1,785
168
63
One difference between noVNC and spice is that spice uses port 3128 directly - noVNC goes via 443 (websocket) - maybe it's a missing fw-policy?

Hope this helps
 

Stoiko Ivanov

Proxmox Staff Member
Staff member
May 2, 2018
1,785
168
63
Then I'd say try tcpdumping on the wire and see if you find a difference between both IPs connecting
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!