Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Proxmox additional Ip with Port Forwarding
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Proxmox additional Ip with Port Forwarding

thornthorn Member
edited April 2016 in Help

As you see in this configuration i attach vmbr0 to my local area clients and get 192.168.0.x ip and then go internet with eth0 (MASQUERADE and POSTROUTING ).
eth0 my main ip its 78.xxx.xxx.178. Whenever a local area want to go internet then its getting my main ip for internet usage.
Whenever i want to RDP access to my local area clients i have setup this rules

( iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 7002 -j DNAT --to 192.168.0.5:3389)

With this i can RDP to my 192.168.0.5 client from outside 78.xxx.xxx.178:7002.

My question is so simple How Can i do this with my other additional ips ? I cant configure it.

For example i want to rdp my client (192.168.0.10) with 188.xxx.xxx.xx1 not with main ip.

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 78.xxx.xxx.178
netmask 255.255.255.255
gateway 78.xxx.xxx.161
pointopoint 78.xxx.xxx.161

auto vmbr0
iface vmbr0 inet static
address 78.xxx.xxx.178
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

ADDITIONAL IPs

up ip route add 188.xxx.xxx.xx1/32 dev vmbr0
up ip route add 188.xxx.xxx.xx2 32 dev vmbr0
up ip route add 188.xxx.xx3/32 dev vmbr0

iface eth0 inet6 static
address 2a01:4f8:100:92a7::2
netmask 64
gateway fe80::1

localarea for internet usage.

auto vmbr1
iface vmbr1 inet static
address 192.168.0.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0

IPTABLES

post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o eth0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o eth0 -j MASQUERADE

RDP

post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 7002 -j DNAT --to 192.168.0.5:3389
post-down iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 7002 -j DNAT --to 192.168.0.5:3389

Comments

  • FalzoFalzo Member

    it seems like you're mixing up a normal routed config for the additional IPs with NATed connections...
    that said you're adding your additional IPs to vmbr0 interface with:

    up ip route add 188.xxx.xxx.xx1/32 dev vmbr0

    but forwarding ports from eth0 with:

    post-up iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 7002 -j DNAT --to 192.168.0.5:3389

    if you are using that addon IPs only for nat I'd suggest adding them to eth0 directly, else you may try to do that nat rules on vmbr0 (can't exactly say if this will work as intended though)

Sign In or Register to comment.