Hello!
While learning the Proxmox's firewall today I was puzzled by the folloing issues: I was planning to create the two rules on Datacenter level - 1) Access to web console and 2) icmp access and make sure I would be able 1) to connect to the console and ping the server and 2) I would not be able to ssh to pve:

When testing ssh access I was first suprised to see it was working and then realized that I should have been locked out at all as I had fogotten to enter the port number (8006) instead of the HTTPS Macro in the rule 1 so
Q1: Why is the Datacenter firewall not working in this case?
And one more question on firewall, please:
As soon as I've noticed that I created the wrong rule I turned the Datacenter firewall off and checked whether the server-level firewall was off either:

Q2-1: Was it the enabling of Datacenter Firewall that also enabled the server-level firewall ( I did NOT enable the server-level firewall - I've even never reached that tab yet) ?
Q2-2: If Q2-1 = Yes then is it normal that disabling the Datacenter Firewall does not lead to disabling the server firewall?
Q2-3: Should the server-level firewall work if the Datacenter-firewall is turned of?
Thank you in advance,
Michael
While learning the Proxmox's firewall today I was puzzled by the folloing issues: I was planning to create the two rules on Datacenter level - 1) Access to web console and 2) icmp access and make sure I would be able 1) to connect to the console and ping the server and 2) I would not be able to ssh to pve:

When testing ssh access I was first suprised to see it was working and then realized that I should have been locked out at all as I had fogotten to enter the port number (8006) instead of the HTTPS Macro in the rule 1 so
Q1: Why is the Datacenter firewall not working in this case?
And one more question on firewall, please:
As soon as I've noticed that I created the wrong rule I turned the Datacenter firewall off and checked whether the server-level firewall was off either:

Q2-1: Was it the enabling of Datacenter Firewall that also enabled the server-level firewall ( I did NOT enable the server-level firewall - I've even never reached that tab yet) ?
Q2-2: If Q2-1 = Yes then is it normal that disabling the Datacenter Firewall does not lead to disabling the server firewall?
Q2-3: Should the server-level firewall work if the Datacenter-firewall is turned of?
Thank you in advance,
Michael
Last edited: