Proxmox Pfsense only 1 public IP
-
So 10.0.0.2 is the pfSense WAN IP and 10.0.0.1 is the Proxmox host? Or some other VM you are testing from?
We do see that one SIP packet from some external address. And pfSense has opened a state for it so its being passed. Your WAN firewall rules are currently wide open.
Make sure you are actively trying to open an SSH connection when you check the states.
Steve
-
It was the checksum off-loading? You were using vtnet NICs in Proxmox?
-
@stephenw10
Yes 10.0.0.1 is the Proxmox and 10.0.0.2 is the Pfsense.
I´m looking while i try to connnect to SSH. There are no new entries. -
But you are now able to connect to the Minecraft server with hardware checksum off loading disabled?
-
@stephenw10 It was working for 10 sec then the SSH refused again.
I think that i use vtnet on Nic but i dont know what this mean. -
@stephenw10 no at the moment it does not work.
-
Ok, where are you testing from? What is the source address?
The pfSense WAN is wide open so you should see states created for any traffic that hits it. It looks like your test traffic never makes it to pfSense so either Proxmox is not forwarding it or it never arrives at Proxmox.
Steve
-
@stephenw10
I have on the LAN a DHCP configured with the IP net 192.168.1.1/24 so the Container in Proxmox getting an IP from that.
I´ve checked the Ip adress with the NAT Rules.
I also checked the status from the SSH ServerSo far as i know should be the rules forward all traffic to the pfsense.
-
It doesn't look like a problem with the container, the traffic is not reaching the pfSense WAN.
How are you accessing the pfSense webgui? From the same place? What is that place? Something outside the Proxmox public IP?
Steve
-
-
@stephenw10
I acces the Pfsense via SSh over the Proxmox.
I map the Port to my Localhost
So via localhost -
Ah, OK.
You should be able to access it directly if Proxmox is correctly forwarding all traffic to the pfSense WAN. That should include port 443 to the pfSense webgui.
-
@stephenw10
I know that i was able to do that but at the moment it do not work. So it seems that Proxmox do not forward all traffic ? -
That's what it looks like to me.