[PVE-User] Proxmox in DMZ
Holger Ernst
he at ernstdatenmedien.de
Mon Nov 21 11:12:20 CET 2011
Why would you want to put the host (interface) into a DMZ?
>From my point of view the managing network should never be exposed. And there is no need to do so (at least I can not imagine one).
Regards, Holger
-----Ursprüngliche Nachricht-----
Von: pve-user-bounces at pve.proxmox.com [mailto:pve-user-bounces at pve.proxmox.com] Im Auftrag von lst_hoe02 at kwsoft.de
Gesendet: Freitag, 18. November 2011 13:32
An: pve-user at pve.proxmox.com
Betreff: [PVE-User] Proxmox in DMZ
Hello
we are testing Proxmox and would like to get some Input about securing
the HW Node. We like to limit ssh, the webinterface and deny the rest
with ip(6)tables which should be trouble free. What i'm unsure is
- Would this break anything from Proxmox point of view?
- What ports/connections/directions would be needed for clustering
with a server outside the DMZ?
- Is it possible to install our own SSL/TLS certificate instead the
self created?
There will be no NFS used on this node so maybe it would be save to
turn off portmapper/statd?
Many Thanks
Andreas
More information about the pve-user
mailing list