Conclusion
I tried to cover all of the basics that I use for launching a dedicated, bare-metal server. If there’s something that you’d like to see in this article, please comment below so that I can revise this article.
Discussion
Thanks to Reddit user BitterPuddin for their comment and providing a copy of their /etc/network/interfaces file which allows them to skip a virtualized firewall:
# Make a private virtual LAN for your containers/vms,
# nat services though to them from your single ip.
# Here is an example interfaces file where I am running
# a webserver on a proxmox box in azure.
auto lo
iface lo inet loopback
iface enPXXXXs1 inet manual
auto eth0
iface eth0 inet static
address 10.XX.12.5/24
gateway 10.XX.12.1
auto vmbr0
iface vmbr0 inet static
address 10.XX.14.1/24
gateway 10.XX.12.1
bridge-ports none
bridge-stp off
bridge-fd 0
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.XX.14.0/24' -o eth0 -j MASQUERADE
post-up iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j DNAT --to 10.XX.14.2:443
post-up iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 10.XX.14.2:80
post-down iptables -t nat -D POSTROUTING -s '10.XX.14.0/24' -o eth0 -j MASQUERADE
The reason why a virtualized firewall with a GUI is preferred boils down to:
See also
- Traefik 2.5 quick-start guide
- Simple certs with Docker-Dehydrated
- Moshing in a field
- Shoe horn v1.1 released
External links
- Proxmox
- Hetzner
- Proxmox forum post: [TUTORIAL] Proxmox @ Hetzner, using a single public IPv4 address (+IPv6/64) while all traffic, including host goes through virtualized Firewall (ex. Pfsense)
- GitHub Gist: Install any OS on Hetzner VDS | Proxmox with ZFS on Hetzner VDS
Did this article save you time or money? I'd love a coffee!
Did you find this useful?
Please share with those who you believe would find this useful too!
4 replies on “Deploying Proxmox 7 behind a firewall VM”
Excelente post
Thanks, John!
Great post. Thank you so much – exactly what I was looking for!
But I’m missing a step-by-step guide to include Traefik 2 to your setup.
Or can’t I simply find it?
Hi Fred,
I try to split complex topics into their own articles. You can find my Traefik 2 guide at https://LTG.FYI/Traefik-2. Please let me know if you have further questions, and I’ll try to answer them here or perhaps write additional articles.
Best regards,
Louis