Skip to content

Instantly share code, notes, and snippets.

@KrustyHack

KrustyHack/howto.md

Last active October 22, 2023 19:38
Show Gist options
  • Save KrustyHack/3189e1bb5a5c72e1643d3ac37783bd99 to your computer and use it in GitHub Desktop.
Save KrustyHack/3189e1bb5a5c72e1643d3ac37783bd99 to your computer and use it in GitHub Desktop.
Download ZIP
Proxmox NAT
Raw
howto.md

Forwarding

iptables -t filter -A FORWARD -o vmbr0 -j ACCEPT
iptables -t filter -A FORWARD -i vmbr0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o vmbr0 -j MASQUERADE

Remote Control (Windows)

iptables -t nat -A PREROUTING -p tcp -d ip.public.du.serveur --dport 3389 -i vmbr0 -j DNAT --to-destination ip.local.de.votre.serveur.cible:3389

https://silentkernel.fr/proxmox-avec-une-seule-ip-forwarding-de-port/

It works!!! Thank you everyone!

I wanted to post my solution cuz I hate when I Google these questions and people don't say how they did it. MagicTrain did all the hard work for me.

Here is how I did it. My server has eth0 instead of vmbr0. I added the following to the bottom of my /etc/network/interfaces . I left everything the same and just added this to the bottom.

auto vmbr2
iface vmbr2 inet static
    address 10.0.0.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up echo 1 > /proc/sys/net/ipv4/conf/vmbr2/proxy_arp
    post-up iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
    post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 13389 -j DNAT --to 10.0.0.101:3389
    post-down iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 13389 -j DNAT --to 10.0.0.101:3389
    post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 12222 -j DNAT --to 10.0.0.102:22
    post-down iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 12222 -j DNAT --to 10.0.0.102:22

When I made the VMs I used any number in the 10.0.0.0 range. In my case it was 10.0.0.101 for my Windows desktop server. I used "bridged mode" and used the vmbr2 bridge when creating the VM in the Proxmox interface network.

After the VM was created I went into the windows machine via the console on Proxmox and used 10.0.0.101 for the ip number, 255.255.255.0 for the netmask and the server IP number for the gateway ( the ip number you use for proxmox, minus the :8006 ). Then I went into Windows settings and enabled remote connections. I then used RDP to connect to the desktop. I used the server IP number (the same as Proxmox, minus the :8006) and added :13389 after the IP number.

I then made a container using a Debian template I downloaded with the Proxmox interface. I used 10.0.0.102/24 for the IP number and the server IP number for the gateway. I now have access to the Debian server vi ssh using the server ip number on port 12222. https://lowendtalk.com/discussion/comment/2039289/#Comment_2039289

https://e-tel.eu/2017/07/25/deploy-proxmox-hetzner-server/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment