Good afternoon, hope everyone in the right mood on Friday Pre-history For a couple months I am hosting VM's and containers on latest Proxmox at Hetzner (updated to 5.4.1 recently), have a free static IP and 3 additional payed IP's, have no problem assigning IP to needed container and access it outside. Two days ago I though that it would be great to host all the CT's behind one management container under additional IP assigned by Hetzner to access them like "plex.mydomain1.com", "jira.mydomain1.com", "confluence.mydomain1.com", but got stuck, real stuck. I've read a lot of info on this forum and Hetzner's, but everywhere is explaining how to use NAT to use host machine IP. Hope you could help. During the days I came up with the thought that this system should work (but it is not): 95.xx.xx.13 - proxy container (proxying the requests to containers based on exact request) 10.10.10.2 - atlassian container 10.10.10.3 - plex container The CT's I have now all on external IP's of Hetzner (each has own IP assigned from additional IP's of Hetzner): 95.xx.xx.11 - plex server with downloaders, radarr and sonarr, uses just a bare ip:8006 95.xx.xx.12 - atlassian stack (Jira and Confluence over Traefik), uses jira.mydomain1.com and confluence.mydomain1.com 95.xx.xx.13 - unused What I've tried: I've read about nginx and traefik usage as a managing container and tried creating host vmbr layout: en3p6s0 - IP: 95.xx.xx.10, 255.255.255.224, gateway: 95.xx.xx.01 vmbr0 - IP: 95.xx.xx.10, gateway: 95.xx.xx.01 vmbr1 - IP: 10.10.10.1, 255.255.255.255 and eth layout on proxy container: eth0 - vmbr0, IP: 95.xx.xx.13, gateway: 95.xx.xx.10 eth1 - vmbr1, IP: 10.10.10.2, gateway: 10.10.10.1 This way I can get access to the internet from the container, I can ping external iIP's and local IP's (either 95.xx.xx.xx and 10.10.10.xx), but the route is still goes behind the host IP of en3p6s0. I've tried searching info on adding the virtual network interface, but almost everywhere said that it is deprecated and I should simply open the routes in vmbr0 for additional IP's (I have no problem with that, but it doesn't help to route the traffic of containers through one of additional IP's). Also maybe you could give me a help on a way to initialise the VPN on this server to have access to CT's behind internal IP's, I don't see another way then installing proxy on the bare Debian install of Proxmox host, am I right?