My setup will using Two Nic, this is a home server and they will use dhcp to get the ip.
one for VM (public wan) enp0s25
one for proxmox hypervisor (Connect by local lan only) ens1
enp0s25 = onboard intel lan [VM will using it]
ens1= pcie lan [ I plan to use my local lan computer to access it]
My current setup is as follow
By using above settings, I can access my proxmox hypervisor with both public and private ip and therefore I have setup additional firewall rule to allow only the local lan ip can access the proxmox hypervisor.
I wonder if I am on the right track to setting this up. Is there any security risk by using above setup?
Is there any better way to isolate proxmox hypervisor from enp0s25 without using firewall?
Or I should never bridge ens1 with vmbr0 and directly assign this visualize network port to the VM.
Please let me know, Thanks!
one for VM (public wan) enp0s25
one for proxmox hypervisor (Connect by local lan only) ens1
enp0s25 = onboard intel lan [VM will using it]
ens1= pcie lan [ I plan to use my local lan computer to access it]
My current setup is as follow
Code:
auto lo
iface lo inet loopback
iface enp0s25 inet manual
iface ens1 inet manual
auto vmbr0
iface vmbr0 inet dhcp
bridge-ports ens1
bridge-stp off
bridge-fd 0
auto vmbr1
iface vmbr1 inet dhcp
bridge-ports enp0s25
bridge-stp off
bridge-fd 0By using above settings, I can access my proxmox hypervisor with both public and private ip and therefore I have setup additional firewall rule to allow only the local lan ip can access the proxmox hypervisor.
I wonder if I am on the right track to setting this up. Is there any security risk by using above setup?
Is there any better way to isolate proxmox hypervisor from enp0s25 without using firewall?
Or I should never bridge ens1 with vmbr0 and directly assign this visualize network port to the VM.
Please let me know, Thanks!
Last edited:
