In dire need of help with routing a firewalled ProxMox

Really pulling my hair :skull_and_crossbones: out here, not even sure what to google anymore…
So I’m running Proxmox on my first rackmount server, and I have an empty VPS from Linode.

How would I forward the ProxMox server to .com/proxmox/ respectively?
I’m also behind a firewall due to the way the internet is set up at my apartment, which unnecessarily complicates things. I’m fine with opening up my management port to the internet, or at the very least a VPN. Nothing mission critical here. Mainly so I can have friends access it and so I can also use it at work. NoVNC is also a bit touchy at times.

I’ve tried fiddling around with IPsec, OpenVPN, and nginx. I have the server plugged into a gigabit switchport on my (cold) Cisco switch for local web access, and plugged into my internet using a different network and port. But how would I remote into it through my site? I was thinking a VPN and Apache could work!

My local IP is 10.100.100.100/24 (isn’t that a cute IP?)
I was thinking I could do 10.100.100.100 -> VPN -> something .com/proxmox/

But that’s a good bit over my head, still studying for my CCNA here. I’ve been trying to figure this out for over 3 days straight… Help would be appreciated if this is even possible!
Thanks!

[EDIT:] Maybe I can use OpenVPN, dynamic DNS, and pfSense?

Can you even get to your equipment via the Internet by just opening ports? You might have a double NAT situation.

You should definitely put all of this behind a VPN since exposing the Proxmox management page to the internet is really not a great idea.

Thanks for replying!

You’re correct, having the management for Proxmox public is silly.
The only ports I have open are the defaults. I have 0 access to any router or switch, the server can ping Google and so forth. But I’m at the point where I’m literally pulling out some hair…

I’ll try poking at the firewall on the server some more as well, don’t think I’d gain much traction with it though.

You could try to use a VPS as a VPN host to punch through the NAT you can’t bypass otherwise. I’d recommend OpenVPN for that. Let’s start with that as a goal I suppose.

Host an OpenVPN server on the Linode server and get your Proxmox machine to connect to it.

The downside to this is, I think forwarding would get really confusing, so clients might need to also connect to the OpenVPN server to get through. It’s not a setup I’ve played with so I’m mainly talking theory here.
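
An added example, not part of the original posts: a minimal OpenVPN server/client pair for the layout suggested above, where the VPS runs the server and the Proxmox host dials out through the NAT. The tunnel subnet, file names, certificate CN `proxmox` and `vpn.example.com` are assumptions made for illustration.

```conf
# ---- server.conf on the VPS (file names and subnet are assumptions) ----
port 1194
proto udp
dev tun
topology subnet
server 10.8.0.0 255.255.255.0     # tunnel subnet, constructed for this example
ca ca.crt
cert server.crt
key server.key
dh none                            # ECDH key exchange only (OpenVPN 2.4+)
tls-crypt ta.key                   # authenticates and hides the control channel
client-config-dir ccd              # per-client settings, keyed by certificate CN
client-to-client                   # lets other VPN clients reach the Proxmox host
keepalive 10 60                    # regular traffic keeps the NAT mapping alive
persist-key
persist-tun

# ---- ccd/proxmox on the VPS: pin the Proxmox host to a fixed tunnel address ----
ifconfig-push 10.8.0.10 255.255.255.0

# ---- client.conf on the Proxmox host (connects outbound, no port forward needed) ----
client
dev tun
proto udp
remote vpn.example.com 1194        # placeholder for the VPS address
resolv-retry infinite
nobind
remote-cert-tls server             # refuse peers that lack a server certificate
ca ca.crt
cert proxmox.crt
key proxmox.key
tls-crypt ta.key
persist-key
persist-tun
```

With the tunnel up, a connected VPN client would reach the Proxmox web interface at `https://10.8.0.10:8006` (8006 is Proxmox's default web UI port), and the only port exposed publicly on the VPS is the OpenVPN one.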

I can relate, I’ve only had Proxmox going since Apr/21(Tue).

Do you think OpenVPN/site-to-site in a container would be doable?
Either way, whatever you recommend I’ll give it a shot :smile:
*Setting up OpenVPN now

Yeah, but only for that container, and I think it complicates things getting the routing to the host so you can then get to other services.

I would say this should be done on the host for simplicity but I’m also lazy.
