what do you mean exactly?the question is, why I can't connect to my vm from internet?
my proxmox has ip public, and every vm in my proxmox using local ip. I've done the port forwarding using iptables, but still can't access the vm
/etc/network/interfaces file.which service of your VM are you trying to access? have you forwarded the necessary port for that service to your VM's internal IP address using iptables?I want to access my vm from outside.
auto lo
iface lo inet loopback
auto enp1s0
iface enp1s0 inet manual
auto enp2s0
iface enp2s0 inet manual
iface enp3s0 inet manual
iface enp4s0 inet manual
auto vmbr0
iface vmbr0 inet static
        address 192.168.100.122/24
        bridge-ports enp1s0
        bridge-stp off
        bridge-fd 0
auto vmbr1
iface vmbr1 inet static
        address 202.56.163.123/29
        gateway 202.56.163.122
        bridge-ports enp2s0
        bridge-stp off
        bridge-fd 0Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8181 to:192.168.100.5:8181
2    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:22222 to:192.168.100.5:22
3    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:2022 to:192.168.100.7:22
4    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8484 to:192.168.100.7:8083
5    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8282 to:192.168.100.7:80
6    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8585 to:192.168.100.7:443
7    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8989 to:192.168.100.9:443
8    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8182 to:192.168.100.9:80
9    DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:12321 to:192.168.100.9:12321
10   DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:22223 to:192.168.100.9:22
11   DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:2222 to:192.168.100.4:2222
12   DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8883 to:192.168.100.4:8883
13   DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:3128 to:192.168.100.4:3128
14   DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:2222 to:192.168.100.4:2223
15   DNAT       udp  --  anywhere             host.56.163.123.varnion.com  udp dpt:2222 to:192.168.100.4:2222
16   DNAT       udp  --  anywhere             host.56.163.123.varnion.com  udp dpt:2222 to:192.168.100.4:2223
17   DNAT       udp  --  anywhere             host.56.163.123.varnion.com  udp dpt:8883 to:192.168.100.4:8883
18   DNAT       tcp  --  anywhere             host.56.163.123.varnion.com  tcp dpt:8443 to:192.168.100.4:8443
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    MASQUERADE  all  --  host.56.163.120.varnion.com/29  anywhere
2    MASQUERADE  all  --  192.168.100.0/24     anywhere8282 from outside with curl like curl your.ip.address.here:8282 you should be reaching your VM on 192.168.100.7:80. does that work?/etc/network/interfaces into post-up of the interface....
    bridge-fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '192.168.100.0/24' -o enp1s0 -j MASQUERADE
    ...
    post-up iptables -t nat -A PREROUTING -i enp35s0 -p tcp --dport 8282 -j DNAT 192.168.100.7:80
    ...not workso when you try to say reach port8282from outside withcurllikecurl your.ip.address.here:8282you should be reaching your VM on192.168.100.7:80. does that work?
I've fixed it :i also see you have multiple rules for the same destination port on udp 2222 (can be conflicting).
this is how I add the rule :how/where did you add your iptables rules?
try using the enp2s0 interface instead of vmbr1 (since it's bridged to that)iptables -t nat -A PREROUTING -p udp -d 202.56.163.123 --dport 2223 -i vmbr1 -j DNAT --to-destination 192.168.100.4:2223
if you have ifupdown2 installed you can try:btw.. how do i apply iptables rules without restart the proxmox?
ifreload -a (will reload the interface, if you have the post-up it should work)We use essential cookies to make this site work, and optional cookies to enhance your experience.
 
	