[SOLVED] VM doesn't connect internet on NAT Proxmox

Domsday2017

New Member
May 11, 2017
6
0
1
30
I have installed Proxmox 4.4 and i am trying to configure a virtual machine as a communication server that handles all traffic and forwards them to the nodes with private ip.
I configured server for NAT networking.

My problem is I could ping from proxmox server to vm and from vm to proxmox in the address range 10.10.10.x.
Code:
root@pve1:~# ping 10.10.10.10
PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data.
64 bytes from 10.10.10.10: icmp_seq=1 ttl=64 time=1.69 ms
64 bytes from 10.10.10.10: icmp_seq=2 ttl=64 time=0.857 ms

Code:
[root@localhost ~]# ping 10.10.10.100
PING 10.10.10.100 (10.10.10.100) 56(84) bytes of data.
64 bytes from 10.10.10.100: icmp_seq=1 ttl=64 time=1.53 ms
64 bytes from 10.10.10.100: icmp_seq=2 ttl=64 time=1.03 ms

But I can not ping out the internet from the VM. Please help me fix this
Code:
[root@localhost ~]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 10.10.10.10 icmp_seq=1 Destination Host Unreachable
From 10.10.10.10 icmp_seq=2 Destination Host Unreachable
From 10.10.10.10 icmp_seq=3 Destination Host Unreachable

I send you the configuration that I have installed.
Proxmox server
Configuration in the file /etc/network/interfaces
Code:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 103.195.xxx.11
    netmask 255.255.255.128
    gateway 103.195.xxx.1

auto vmbr0
iface vmbr0 inet static
    address 10.10.10.100
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
    post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1022 -j DNAT --to 10.10.10.10:22
    post-down iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 1022 -j DNAT --to 10.10.10.10:22

Firewall rule of nat
Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DNAT       tcp  --  anywhere             anywhere             tcp dpt:1022 to:10.10.10.10:22

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  10.10.10.0/24        anywhere

Ip forwarding
Code:
root@pve1:~# cat /proc/sys/net/ipv4/ip_forward
1

Virtual machine
Config interface eth0
Code:
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=4E:73:99:66:5D:9C
TYPE=Ethernet
UUID=ba9961e6-a13a-4899-b744-b6dc07e8956e
IPADDR=10.10.10.10
NETMASK=255.255.255.0
GATEWAY=10.10.10.1
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=no
Rule iptables
Code:
[root@localhost ~]# cat /etc/sysconfig/iptables
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 103.195.241.11/32 -p tcp -m tcp --dport 1022 -j DNAT --to-destination 10.10.10.20:1022
-A POSTROUTING -d 10.10.10.20/32 -p tcp -m tcp --dport 1022 -j SNAT --to-source 10.10.10.100
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [37:2732]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1022 -j ACCEPT
COMMIT
Please help me. Sorry my english vey bad
 

manu

Proxmox Staff Member
Retired Staff
Mar 3, 2015
806
66
28
looks to me like your gateway is wrong in the VM config
it should be be the IP adress of the bridge vmbr0 where the routing is taking place (10.10.10.100 according to your /etc/network/interfaces )
 

manu

Proxmox Staff Member
Retired Staff
Mar 3, 2015
806
66
28
I think you should have the possibility of marking this thread as solved in the forum panel
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!