SPICE and VPN - one ip able to connect others not...


New Member
Nov 12, 2015
I set up a road warrior L2TP/IPSec VPN on a PFSense firewall and i have 2 users with static IP. Let's say and in an network an L2TP server located at No issues with that, i followed the PFSense howto.
I connect using the Microsoft Windows 10 built in tool (can't test with another OS a this moment).

Opening a console with NoVNC works fine whatever the user/ip, but when trying to open a SPICE console only the first ip ( whatever the user) is able to get a display.

After spending my morning reading logs, docs, forums, and testing... I'm still stuck (brain error 500 please reboot). What did i missed or not understood ?

Can someone give me a hint on what to do to find what's going on and solve this issue.

proxmox-ve: 6.0-2 (running kernel: 5.0.21-1-pve)
spiceterm: 3.1-1
One difference between noVNC and spice is that spice uses port 3128 directly - noVNC goes via 443 (websocket) - maybe it's a missing fw-policy?

Hope this helps
Then I'd say try tcpdumping on the wire and see if you find a difference between both IPs connecting


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!