Forbidden Router Vmz unable to ping

Im having troubles with my Vms being unable to ping machines on my Lan, my Lan pc’s can ping the Vms no problems I was thinking this could be a firewall problem so I have disabled proxmox firewall on my nics but I’m stall having the same problem if anyone has has a similar problem of knows of this problem and how to fix I look forward to reading your response

NAS
image
Vm Deb
image

Do machines on our lan know they need to send packets destined for 192.168.100.x VMs to your Proxmox machine? … or do they just send it to your router as they would everything else, and your router that also knows no better just tries to send them to the internet?

Run tcpdump -ni eth_something on every machine and interface you can think of (physical bridge in the VM, out of the VM) and check where packets are being lost

Routing appears fine as the VM is able to respond to pings. I would think its likely a firewall issue, either 103’s firewall is configured to drop ICMP, or your VM is dropping ICMP responses.

Posting your VM’s firewall config sudo iptables -L would help with troubleshooting, and like risk said running tcpdump is always a good bet to determine if they are not responding or you’re dropping responses.

1 Like

Thanks for the suggestion

I took dumps of the pings

.103 to .105

.105 to .103


I just pinged both the Nas.103 and VM.105 from a win pc
image

I did apt install for iptables for the VM.105
image

iptables from NAS.103
image

I used traceroute to start having a look into what is going on, It looks like Proxmox is dropping traffic headed for Lan IPs but passing Wan traffic. I could be wrong but I guess its a start?

Solved.

I was using a 4port intel nic as the Lan switch. I had it bonded in PFsense but Bridged in proxmox. So well pfsense would use it as a switch, Proxmox and Vmz would not.

My Bad.

Thanks for the help in troubleshooting this problem.

and it was a great excuses to go 10gbe backbone .