Setup NAT on Proxmox | Guide

by Nikhath K | Jan 14, 2022

Setup NAT on Proxmox like an expert with the help of this handy guide from Bobcares.

At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Service.

Let’s take a look at how our Support Team recently helped out a customer setup NAT on Proxmox.

How to setup NAT on Proxmox

Proxmox utilizes bridge networking in order to offer internet access to virtual machines. Furthermore, we need a public IP for each machine. In case we have access to only a certain amount of IPs, we can utilize NAT in order to access the Internet on the machines.

However, our Support Techs recommend having a static public IP while running public services. So let’s take a look at how to set up NAT on Proxmox to offer private networks to virtual machines.

This process involves the following steps:

Create a bridge
Bring up the NAT bridge
Configure Virtual Machine
Port forwarding to access from the outside world

Setup NAT on Proxmox: Create a bridge

Our Support Techs recommend the following process to successful configure a NAT bridge:

First, we will log in to the proxmox host ssh and run the following command:
```
nano /etc/network/interfaces
```
This command opens up the network configuration file.

Next, paste the following at the end of the configuration file:

auto vmbr2
#private sub network
iface vmbr2 inet static
        address  192.168.1.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0
 
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr1 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr1 -j MASQUERADE

Here, vmbr1 is the bridge name for NAT while vmbr2 is the interface configured on the network file. We are setting bridge_ports
to none as we are not connecting to the outside world directly.

Setup NAT on Proxmox: Bring up the NAT bridge

The next step involves using the command below to bring up the bridge we configured in the previous section:

ifup vmbr2

Setup NAT on Proxmox: Configure Virtual Machine

This step involves configuring the virtual machine using the IP address. We have to manually set up the IP address as DHCP is not present. We can use the following details depending on the OS:

IP: 192.168.1.2
Netmask: 255.255.255.0
Gateway: 192.168.1.1

We can use the following IPs for further virtual machines:

192.168.1.3
192.168.1.4
..upto 254

We can also use Google DNS for DNS:

8.8.8.8
8.8.4.4

Setup NAT on Proxmox: Port forwarding to access from the outside world

If we are working with a Linux guest, we can access ssh through the public IP of the main server. In this scenario, we will run the following command on proxmox host.

iptables -t nat -A PREROUTING -i vmbr1 -p tcp --dport 3033 -j DNAT --to 192.168.1.2:22

In this example, we are forwarding host port 3033 to guest port 22. After that we will run the command below in order to access guest SSH:

ssh -p 3033 root@ip.of.proxmox.host

This command will prompt for the password. Once we enter the password, we can successfully connect to guest SSH.

[Looking for a solution to another query? We are just a click away.]

Conclusion

At the end of the day, our skilled Support Engineers at Bobcares configuring NAT on Proxmox.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

13 Comments

Steven on 2022-03-04 at 04:04

Your solution worked. I got NAT working under Proxmox and can use it in my VMs successfully. Thank you!
Reply
Robert on 2022-05-04 at 22:28

i got the first part working and no longer require a dedicated IP for my debian 11 VM, however i can not connect to the port forwarded ssh as it will say connection refused. i even opened such port on iptables on the host
Reply
- Hiba Razak on 2022-07-08 at 11:04
  
  Hi,
  
  Our Experts can help you with the issue, we’ll be happy to talk to you on chat.
  Reply
Eric on 2022-10-09 at 10:24

Works like a charm. Since my default bridge was vmbr0 I just created the new one as vmbr1 and adjusted everything accordingly. Since I’m restricted to having one public IP/interface this is exactly what I needed.
Reply
- Hiba Razak on 2022-10-10 at 10:38
  
  Hi Eric,
  Glad to know that our article helps you solves the issue ? .
  Reply
Alex on 2022-11-27 at 14:04

Thank you for the tutorial,
unfortunately I do not succeed, please add a information how the configuration of vmbr1 should look like. Thank you very much in advance.
Reply
- Hiba Razak on 2022-12-01 at 09:22
  
  Hi,
  Please contact our support team via live chat(click on the icon at right-bottom).
  Reply
  - DasGoG on 2023-03-12 at 23:08
    
    Hello! Works like a charm, I thank you.
    How do I make these ip tables rules based on the hosts persistent after reboot?
    Reply
    - Hiba Razak on 2023-03-16 at 15:28
      
      Hello ,
      Thanks for the feedback.
      To make iptables rules persistent after a reboot, you need to save them to a configuration file that is loaded during system startup.
      Reply
Alper on 2022-12-30 at 14:38

Thank you very much for this valuable sharing, thanks to you, I solved the problem.
Reply
- Hiba Razak on 2023-01-10 at 15:16
  
  Hello Alper,
  Thanks for the feedback. We are glad to know that our article helped solve the issue.
  Reply
Youss on 2023-11-24 at 16:24

Hi,
greate aricle but when I try to connect to 192.168.1.2 via SSH from another labtop it give this error :
ssh: connect to host 192.168.1.2 port 22: Connection timed out
Reply
- Hiba Razak on 2023-12-01 at 15:04
  
  Hello,
  Please contact our support team via live chat(click on the icon at right-bottom).
  Reply