[PVE-User] PVE Firewall Port forwarding...

Ronny Aasen ronny+pve-user at aasen.cx
Sun Apr 7 20:41:58 CEST 2019


is your proxmox host the firewall in your setup?

in order to maintain sanity i only NAT at a single place, on the border 
between public internet and DC internal networking.
promox vm's are assigned a vlan tag, and the proxmox host itself just 
forward frames in a vlan aware bridge.

the firewall can be a vm in proxmox tho, but I never use the host itself 
as the border gateway.



kind regards
Ronny Aasen


On 06.04.2019 16:25, Gilberto Nunes wrote:
> Hi there...
>
> Is there any way to use port forward in PVE Firewall?
> I tried to create a sec group but doesn't work.
> So I need to create by hand the rule below, in order to work properly:
>
> iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 10200 -j DNAT
> --to-destination aaa.bbb.ccc.ddd:10200
>
> I suppose in web gui would be nice to have this feature...
>
> Thanks
>
> ---
> Gilberto Nunes Ferreira
>
> (47) 3025-5907
> (47) 99676-7530 - Whatsapp / Telegram
>
> Skype: gilberto.nunes36
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user




More information about the pve-user mailing list