Hello,
First of all I apologize for my lack of skill and knowledge about networking but I started this proxmox project precisely to improve my skills AND to migrate all my services which are currently running on two old laptops.
I just installed my first proxmox instance and I'm struggling with routing.
This is my setup:
- A domestic ISP router with integrated firewall and switch
- My proxmox host directly connected to the router with datacenter and node firewalls' enabled
- An LXC container on which I installed nginx, firewall enabled
- Standard out-of-the-box internal network configuration with both the node and the vms/cts talking on vmbr0
As soon as I installed and configured the LXC container it popped up on my router control panel as expected and i proceeded to forward ports 443 and 80 to the container's IP. I've already configured DNS records on my domain provider and as soon as i typed the assigned FQDN i could reach the nginx webserver (but just on port 80).
I then proceeded to enable proxmox's internal firewall (datacenter > node > lxc) with this config:
Direction: in
Action: ACCEPT
Interface: vmbr0
Destination: lxc's ip
Protocol: tcp
Source port: 443 (and, obviously, same configuration for port 80)
Now I can't reach the webserver anymore.
Also one red flag that's making me think I am doing something deeply wrong is that the first time I create a firewall rule it gets applied with no problems but as soon as I re-open it and edit it I get this warning - dest: invalid ipset name '+undefined/undefined' - until I delete and re-write the lxc's IP in the destination field.
Sorry for the long post and thanks in advance to whoever is willing to help me!
First of all I apologize for my lack of skill and knowledge about networking but I started this proxmox project precisely to improve my skills AND to migrate all my services which are currently running on two old laptops.
I just installed my first proxmox instance and I'm struggling with routing.
This is my setup:
- A domestic ISP router with integrated firewall and switch
- My proxmox host directly connected to the router with datacenter and node firewalls' enabled
- An LXC container on which I installed nginx, firewall enabled
- Standard out-of-the-box internal network configuration with both the node and the vms/cts talking on vmbr0
As soon as I installed and configured the LXC container it popped up on my router control panel as expected and i proceeded to forward ports 443 and 80 to the container's IP. I've already configured DNS records on my domain provider and as soon as i typed the assigned FQDN i could reach the nginx webserver (but just on port 80).
I then proceeded to enable proxmox's internal firewall (datacenter > node > lxc) with this config:
Direction: in
Action: ACCEPT
Interface: vmbr0
Destination: lxc's ip
Protocol: tcp
Source port: 443 (and, obviously, same configuration for port 80)
Now I can't reach the webserver anymore.
Also one red flag that's making me think I am doing something deeply wrong is that the first time I create a firewall rule it gets applied with no problems but as soon as I re-open it and edit it I get this warning - dest: invalid ipset name '+undefined/undefined' - until I delete and re-write the lxc's IP in the destination field.
Sorry for the long post and thanks in advance to whoever is willing to help me!
