Wednesday, February 5, 2025
Latest:
dhcp server liuxLinux serverNETWORK ADMINISTRATIONS

How to setup Proxmox with Single Public IP and share with VMs | Proxmox Tutorial

Alice AUSTIN

In this video I will show you how to setup proxmox with one single public IP and then share certain ports to other local vms with local IP. What you are doing is just a simple routing rule you setup for route the traffic on this port to your local vm internal IP.

#proxmox #virtualmachine #ipaddress #networking

Example of the rules we will be using in this video:

iptables -t nat -A PREROUTING -p tcp -d 198.0.10.172 –dport 80 -i vmbr0 -j DNAT –to-destination 192.168.10.160:80
iptables -t nat -A PREROUTING -p tcp -d 198.0.10.172 –dport 443 -i vmbr0 -j DNAT –to-destination 192.168.10.160:443

iptables -t nat -A PREROUTING -p tcp -d 198.0.10.172 –dport 27015 -i vmbr0 -j DNAT –to-destination 192.168.10.150:27015
iptables -t nat -A PREROUTING -p udp -d 198.0.10.172 –dport 64100 -i vmbr0 -j DNAT –to-destination 192.168.10.150:64100

Add this NAT outbound Rule to your VM can get to the internet
iptables -A POSTROUTING -t nat -s 192.168.10.0/24 -j MASQUERADE
iptables -A POSTROUTING -t nat -s ‘192.168.10.0/24’ -o vmbr0 -j MASQUERADE
iptables -D POSTROUTING -t nat -s ‘192.168.10.0/24’ -o vmbr0 -j MASQUERADE

Remove NAT Rule
iptables -t nat -L –line-numbers
iptables -t nat -D PREROUTING 7

Save Rules
iptables-save

If you still can’t get it then please see this example below

auto lo
iface lo inet loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet static
address 198.100.140.170/24
gateway 198.100.140.1
bridge-ports eno1
bridge-stp off
bridge-fd 0

auto vmbr1
iface vmbr1 inet static
address 192.168.10.100/24
bridge-ports none
bridge-stp off
bridge-fd 0
post-up echo 1 replacewithangleyoutubewontallowit /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s ‘192.168.10.0/24’ -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s ‘192.168.10.0/24’ -o vmbr0 -j MASQUERADE

==Hardware/Parts that I recommend==
Computer/Electronics Repair Tool Kit – https://amzn.to/2HYs46Z​

SUBSCRIBE TO GREYTECH – https://url.greytech.live/MWDs1
FOLLOW US ON TWITTER – https://url.greytech.live/3L8rjS
DISCORD SERVER INVITE – https://url.greytech.live/RuR0X
OUR WEBSITE – https://url.greytech.live/hn0f1

DISCLAIMER: This video and description may contain affiliate links, which means that if you click on one of the product links, I’ll receive a commission. This helps support the channel and allows me to continue to make videos just like this and purchase products to review. I will never support or push a product I don’t believe in and have used myself. GreyTech videos are for educational purpose only. Thank you for your support.

source

by GreyTech

linux dhcp server

Alice AUSTIN

Alice AUSTIN is studying Cisco Systems Engineering. He has passion with both hardware and software and writes articles and reviews for many IT websites.

You May Also Like

How to install OpenStack with devstack tool on Ubuntu 20.04 LTS by using VirtualBox.

MCSA | MCSE | Exam AZ-800 Lec-11 | Create and configure Child and Tree DC's | Trusts relationships

Windows server 2016: accesso e permessi

Alice AUSTIN

22 thoughts on “How to setup Proxmox with Single Public IP and share with VMs | Proxmox Tutorial

  • make sure if you want the vm to get out for internet do this
    Add this NAT outbound Rule to your VM can get to the internet

    iptables -A POSTROUTING -t nat -s ‘192.168.10.0/24’ -o vmbr0 -j MASQUERADE

    iptables -D POSTROUTING -t nat -s ‘192.168.10.0/24’ -o vmbr0 -j MASQUERADE

    or make sure your /etc/network/interfaces file has some like below

    auto lo

    iface lo inet loopback

    iface eno1 inet manual

    auto vmbr0

    iface vmbr0 inet static

    address 198.100.140.175/24

    gateway 198.100.140.1

    bridge-ports eno1

    bridge-stp off

    bridge-fd 0

    auto vmbr1

    iface vmbr1 inet static

    address 192.168.10.100/24

    bridge-ports none

    bridge-stp off

    bridge-fd 0

    post-up echo 1 > /proc/sys/net/ipv4/ip_forward

    post-up iptables -t nat -A POSTROUTING -s '192.168.10.0/24' -o vmbr0 -j MASQUERADE

    post-down iptables -t nat -D POSTROUTING -s '192.168.10.0/24' -o vmbr0 -j MASQUERADE

  • Whenever I restart proxmox/server the iptables seem to reset, is there a way I can force them to save? I am saving the iptable with save-all.

  • Maybe somebody's made this comment already ,but it's kind of useless to demo going to localhost after you add a firewall rule to allow port 80 since anything you access via local host isn't gonna go through the firewall. You would want to test it from either another VM on the network or better yet from a public IP address and make sure it's actually making it to your server.

    Having said that, I do appreciate your video because it's a very simplified explanation of exactly what I need to do to set this up on my first ever Proxmox installation

  • ok if you only have one node for proxmox… but if you have a stack of nodes and only one static IP then…. you gotta do something different

  • I cannot configure my sever to gain access to main interface please help

  • Great video, I'm not clear, Can my 1 IP address to the internet be DHCP?
    During initial install the IP Address has to be a static LAN address not a public internet one?

  • note: vmbr0 is initially the IP you use to reach your proxmox server, what should be done to keep communication with the server before committing this change

  • If you had 3 VM's all running Ubuntu, how would you set up the forwarding as they would all be using the same port from the external address?

  • Hello. Is there a way to setup Proxmox fully with a private LAN ip, and then use Tailscale in a container or something like that to give it public access? I want to set up Proxmox in a remote Datacenter. I have a bunch of public IPs available, but ideally I will use them for ingress to my VMs providing some services. For SSH, WEB UI, etc I would like to use tailscale or similar, avoiding public IPs and opening ports. Cheers!

  • Great tutorial, thanks for that. If one follows your instructions, however, not in any case vmbr1 will be active. A hint about what to do to get it active might be helpful.

  • But how do i people connect to that container? Like i have a friend hoe wants one windows vps i have the resources but i cant let him connect with remote connect from windows.

  • How did you connect to your proxmox instance if its running from a public IP. Do you use the Public IP to access the dashboard?

  • thank you, but i have a question,, how if the mysql-server in other CT/VM, how to access the DB

  • Ok so I got one VM working using this method, I made it .160 ip address, the second VM i have done the exact same thing, but using .170 for ip, but this second VM can't access the internet, although I can ping the .100 bridge ip and I can also ping the .160 VM, any ideas?

  • why you setting up nat in proxmox when you can put it behind firewall and setup nat here?

  • This is awesome, thanks a lot for this video!

  • Just use a virtual firewall/router like pfsense to hand out dhcp to all your vm's and that will help you avoid all those headaches Lol

  • About six years ago, I virtualized an open source firewall called Smoothwall and it was fantastic for all six or seven years I had it. I'm now getting ready to rebuild my setup with a ProxMox hypervisor and a virtual pfSense. Can't wait to start!

Comments are closed.