Networking Server SysAdmin Technology Virtualization

Deploying Proxmox 7 behind a firewall VM

How I run Proxmox with a single IP and MAC address.


I tried to cover all of the basics that I use for launching a dedicated, bare-metal server. If there’s something that you’d like to see in this article, please comment below so that I can revise this article.


Thanks to Reddit user BitterPuddin for their comment and providing a copy of their /etc/network/interfaces file which allows them to skip a virtualized firewall:

# Make a private virtual LAN for your containers/vms,
# nat services though to them from your single ip.
# Here is an example interfaces file where I am running
# a webserver on a proxmox box in azure.

auto lo

iface lo inet loopback

iface enPXXXXs1 inet manual

auto eth0

iface eth0 inet static

address 10.XX.12.5/24

gateway 10.XX.12.1

auto vmbr0

iface vmbr0 inet static

address 10.XX.14.1/24

gateway 10.XX.12.1

bridge-ports none

bridge-stp off

bridge-fd 0

post-up echo 1 > /proc/sys/net/ipv4/ip_forward

post-up iptables -t nat -A POSTROUTING -s '10.XX.14.0/24' -o eth0 -j MASQUERADE

post-up iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j DNAT --to 10.XX.14.2:443

post-up iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 10.XX.14.2:80

post-down iptables -t nat -D POSTROUTING -s '10.XX.14.0/24' -o eth0 -j MASQUERADE

The reason why a virtualized firewall with a GUI is preferred boils down to:

Reddit user BegRoMa27

See also

External links

Did this article save you time or money? I'd love a coffee!

Did you find this useful?
Please share with those who you believe would find this useful too!

4 replies on “Deploying Proxmox 7 behind a firewall VM”

Great post. Thank you so much – exactly what I was looking for!
But I’m missing a step-by-step guide to include Traefik 2 to your setup.
Or can’t I simply find it?

Leave a Reply

Your email address will not be published. Required fields are marked *