Hi,
I am trying to set up a virtual Sophos as a firewall for my VM in a private VLAN and also give access to remote users/sites using VPN.
proxmox 7
eno1 -> vmbr0 (public IP as management on ovh infrastructure)
eno2 (connected to the vrack service in ovh)
vmbr1 -> en02
vmbr2 -> eno2.100 (private LAN for the cluster - all is running as expected, the Proxmox cluster is running well)
vmbr3 -> eno2.110 with no IP and VLAN aware disabled (private LAN for the VM)
sophos
portA connected to vmbr3 with a private IP for management
portB connected to vmbr1 with a public IP from an IP block from OVH
Set up remote VPN access for clients ... Clients can connect to the Sophos
Setup a VM (windows server) on vmbr3
From the Windows server I can ping, manage and configure the Sophos through its management IP (vmbr3). I can get access to the internet, and the public IP used for the connection is the IP of the external interface of the Sophos (verified with a "what's my IP" site), so that is running fine.
from a remote client in the VPN I can ping the portA Ip of the sophos
But ... from a remote client I can't ping the Windows server
But ... from the console in the CLI on the Sophos I can't ping the Windows server (firewall disabled on it)
What's wrong: from the Windows server I can ping the Sophos internal interface, but from the Sophos internal interface I can't ping the server
On the Sophos there are firewall rules that allow connections between VPN clients and the internal network
Is there a config on the Proxmox interface to allow connections from an interface on the Sophos (portA) on a Proxmox bridge with a VLAN (eno2.110)?
Thanks for your experience
				