Why do I have no Internet connection to the LXC container?

[Phneutral]

Hello,

I have made a screenshot of my network configuration here

2 screeshots of the configuration of the two containers with different gateways.

I cannot get internet access to the two containers.

does anyone know where the error lies?


Proxmox VE is installed on a vServer. I think that is why it is not possible to assign the containers an IP from the same address range as the node

thx for your help

 

[sw-omit]

1. Gateways always need to be within the same subnet as the IP
2. Internal/LAN IP's (like the 192.168.X.X range you have) are not transferred over the internet, they always need some translation (like a router) in-between them.
3. Technically assigning an IP to the container in the same range as the one for the server (other then the server or router's IP itself) should be possible, unless of course those IP's are already in use by others and get blocked further up-stream for this reason. You'd have to get more IP's from your internet or hosting provider to do this.

The translation from local to internet can either be done via a Container or VM running some kind of router software (the problem being that if you only have 1 IP from your hosting-provider and no access to a shell which does NOT use the IP-address of the server, you can't "swap" them (easily)
The alternative is to let Proxmox itself do the acting as router for you via iptables:
https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_masquerading


So to summerize your options (that I see at least):

• Get more IP's from your provider and assign those to your containers
• Get access to the shell through some other route (IPMI/ILO/Asking-your-provider) to set up a router VM/Container with the IP-adress of the host, and acccess the proxmox after that through a port-forward to an internal IP you set up for Proxmox
• Use IP-Tables to NAT (Network Address Translate) your internal traffic to your (proxmox) external IP.

 

[Phneutral]

thanks! your tip with the masquerading helped.

the container is now online. but i still can't access the web ui.

the proxmox ve ui is reachable on port 8006. proxmox mail gateway is also configured on 8006 but the web ui is not reachable from outside.

How can I solve this problem?

i have already tried to make port 8007 reachable from the outside in different levels so that it forwards to port 8006 of the container. but i have not had any success so far.

 

[sw-omit]

No real experience with PMG nor ip-tables, so not that sure, so let's try a few things first:
If you open the shell of both your proxmox directly and your mailserver-container, can you try using this command:
curl -s -k https://<PMG-Internal-IP>:8006 | grep title
so if your internal ip is still 192.168.10.10, it would be:
curl -s -k https://192.168.10.10:8006 | grep title
This should return you the title of the page it finds on that IP/port, just to check if PMG itself is properly running/responding.

If it doesn't, we'll have to figure out why not first, before we can look at NAT-Translation.

 

[Phneutral]

ok, i got the same result twice

 

[sw-omit]

Ok, so we at least know that the service is running and reachable from the "LAN" of that network.

Like I said, not that familiar with iptables, could you show me what you've set up so far? (Also so that someone who might be more familiar with it can chime in)