VMs and CTs Unable to Connect to Local Network Devices

saile2204

New Member
Aug 30, 2024
Hi everyone,

I'm experiencing a strange networking issue with my Proxmox setup. All of my VMs and containers have suddenly stopped being able to connect to any devices inside the local network. However, the host itself is functioning normally, and I can still connect to the VMs from outside using SSH. Additionally, the VMs and containers can still access the internet without any problems.

Host Interface Settings:

auto lo
iface lo inet loopback

iface eno2 inet manual

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
        address 192.168.178.3/24
        gateway 192.168.178.1
        bridge-ports eno2
        bridge-stp off
        bridge-fd 0

source /etc/network/interfaces.d/*

  • The firewall is disabled.
  • The host itself can access both the local network and the internet without issues.
  • The problem seems to be limited to VMs and containers not being able to reach local network devices.
I've already tried restarting the networking service, checking for any firewall rules, and even rebooting the Proxmox host, but nothing has resolved the issue.

Does anyone have any idea what could be causing this or any suggestions on how to troubleshoot further?

Thank you in advance for your help!
 

Solution: Completely Reset the Proxmox Firewall

To completely reset the Proxmox firewall and clear all rules, follow these steps:

  1. Stop the Proxmox Firewall Service:
    First, stop the Proxmox firewall service to prevent any new rules from being applied:
    pve-firewall stop
  2. Flush All iptables and ip6tables Rules:
    Clear all existing firewall rules, including NAT and mangle tables:
    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X

    ip6tables -F
    ip6tables -X
    ip6tables -t nat -F
    ip6tables -t nat -X
    ip6tables -t mangle -F
    ip6tables -t mangle -X
  3. Delete Any Remaining Custom Chains:
    Sometimes flushing the rules doesn't delete all custom chains. Ensure they are removed:
    iptables -F
    iptables -X
    ip6tables -F
    ip6tables -X
  4. Remove Persistent iptables Rules:
    If there are any persistent rules saved in configuration files, remove them to prevent them from being reloaded on reboot. Typically, these files are located at:
    rm /etc/iptables/rules.v4
    rm /etc/iptables/rules.v6
  5. Restart the Firewall Service (Optional):
    If you want to start fresh with the Proxmox firewall settings, restart the firewall service:
    pve-firewall start
    You can also manage firewall settings per VM/container or globally via the Proxmox GUI.
  6. Reboot the Host (Optional):
    To ensure that all changes take effect and no remnants of the old rules remain, consider rebooting the host:
    reboot
  7. Verify the Firewall Status:
    After completing the steps, check to ensure that all rules are cleared:
    iptables -L
    ip6tables -L
    This should show empty chains with the default policy set to ACCEPT.

Outcome:

After following these steps, my VMs and containers were able to communicate with the local network again without any issues.

I hope this helps anyone else facing the same problem!
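
An added example, not part of the original post: the flush commands in steps 2 and 3 leave built-in chain policies unchanged and only cover the filter, nat and mangle tables, so auditing an `iptables-save` dump first shows what a flush will and will not clear. The sample ruleset and the chain name CUSTOM-FWD are constructed for illustration.

```bash
#!/usr/bin/env bash
# Audit an iptables-save dump before flushing.
# SAMPLE_RULESET is constructed for illustration. On a real host, keep a
# backup first (iptables-save > /root/rules.v4.bak) and pipe the output of
# `iptables-save` / `ip6tables-save` into the functions below.

SAMPLE_RULESET='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:CUSTOM-FWD - [0:0]
-A FORWARD -j CUSTOM-FWD
-A CUSTOM-FWD -s 192.168.178.0/24 -j DROP
COMMIT
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i vmbr0 -j DROP
COMMIT'

# Built-in chains whose policy is not ACCEPT. `iptables -F` does not reset
# policies, so these chains keep blocking traffic after a flush.
non_accept_policies() {
  awk '/^\*/ {t = substr($1, 2)}
       /^:/  {if ($2 != "ACCEPT" && $2 != "-") print t, substr($1, 2), $2}'
}

# User-defined chains (policy field "-"), which `-X` is meant to delete.
custom_chains() {
  awk '/^\*/ {t = substr($1, 2)}
       /^:/  {if ($2 == "-") print t, substr($1, 2)}'
}

# Tables that hold rules but are not covered by the filter/nat/mangle flush.
unflushed_tables() {
  awk '/^\*/ {t = substr($1, 2)}
       /^-A/ {if (t != "filter" && t != "nat" && t != "mangle") seen[t] = 1}
       END   {for (t in seen) print t}'
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_RULESET" | non_accept_policies
printf '%s\n' "$SAMPLE_RULESET" | custom_chains
printf '%s\n' "$SAMPLE_RULESET" | unflushed_tables
```

A chain reported by `non_accept_policies` needs an explicit `iptables -P <chain> ACCEPT` before step 7 can show an ACCEPT policy.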