Setup NAT on Proxmox like an expert with the help of this handy guide from Bobcares.
At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Service.
Let’s take a look at how our Support Team recently helped out a customer setup NAT on Proxmox.
How to setup NAT on Proxmox
Proxmox utilizes bridge networking in order to offer internet access to virtual machines. Furthermore, we need a public IP for each machine. In case we have access to only a certain amount of IPs, we can utilize NAT in order to access the Internet on the machines.
However, our Support Techs recommend having a static public IP while running public services. So let’s take a look at how to set up NAT on Proxmox to offer private networks to virtual machines.
This process involves the following steps:
- Create a bridge
- Bring up the NAT bridge
- Configure Virtual Machine
- Port forwarding to access from the outside world
Setup NAT on Proxmox: Create a bridge
Our Support Techs recommend the following process to successful configure a NAT bridge:
- First, we will log in to the proxmox host ssh and run the following command:
nano /etc/network/interfaces
This command opens up the network configuration file.
- Next, paste the following at the end of the configuration file:
auto vmbr2 #private sub network iface vmbr2 inet static address 192.168.1.1 netmask 255.255.255.0 bridge_ports none bridge_stp off bridge_fd 0 post-up echo 1 > /proc/sys/net/ipv4/ip_forward post-up iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr1 -j MASQUERADE post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr1 -j MASQUERADEHere, vmbr1 is the bridge name for NAT while vmbr2 is the interface configured on the network file. We are setting bridge_ports
to none as we are not connecting to the outside world directly.
Setup NAT on Proxmox: Bring up the NAT bridge
The next step involves using the command below to bring up the bridge we configured in the previous section:
ifup vmbr2
Setup NAT on Proxmox: Configure Virtual Machine
This step involves configuring the virtual machine using the IP address. We have to manually set up the IP address as DHCP is not present. We can use the following details depending on the OS:
- IP: 192.168.1.2
- Netmask: 255.255.255.0
- Gateway: 192.168.1.1
We can use the following IPs for further virtual machines:
- 192.168.1.3
- 192.168.1.4
- ..upto 254
We can also use Google DNS for DNS:
- 8.8.8.8
- 8.8.4.4
Setup NAT on Proxmox: Port forwarding to access from the outside world
If we are working with a Linux guest, we can access ssh through the public IP of the main server. In this scenario, we will run the following command on proxmox host.
iptables -t nat -A PREROUTING -i vmbr1 -p tcp --dport 3033 -j DNAT --to 192.168.1.2:22
In this example, we are forwarding host port 3033 to guest port 22. After that we will run the command below in order to access guest SSH:
ssh -p 3033 root@ip.of.proxmox.host
This command will prompt for the password. Once we enter the password, we can successfully connect to guest SSH.
[Looking for a solution to another query? We are just a click away.]
Conclusion
At the end of the day, our skilled Support Engineers at Bobcares configuring NAT on Proxmox.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
Your solution worked. I got NAT working under Proxmox and can use it in my VMs successfully. Thank you!
i got the first part working and no longer require a dedicated IP for my debian 11 VM, however i can not connect to the port forwarded ssh as it will say connection refused. i even opened such port on iptables on the host
Hi,
Our Experts can help you with the issue, we’ll be happy to talk to you on chat.
Works like a charm. Since my default bridge was vmbr0 I just created the new one as vmbr1 and adjusted everything accordingly. Since I’m restricted to having one public IP/interface this is exactly what I needed.
Hi Eric,
Glad to know that our article helps you solves the issue ? .
Thank you for the tutorial,
unfortunately I do not succeed, please add a information how the configuration of vmbr1 should look like. Thank you very much in advance.
Hi,
Please contact our support team via live chat(click on the icon at right-bottom).
Hello! Works like a charm, I thank you.
How do I make these ip tables rules based on the hosts persistent after reboot?
Hello ,
Thanks for the feedback.
To make iptables rules persistent after a reboot, you need to save them to a configuration file that is loaded during system startup.
Thank you very much for this valuable sharing, thanks to you, I solved the problem.
Hello Alper,
Thanks for the feedback. We are glad to know that our article helped solve the issue.
Hi,
greate aricle but when I try to connect to 192.168.1.2 via SSH from another labtop it give this error :
ssh: connect to host 192.168.1.2 port 22: Connection timed out
Hello,
Please contact our support team via live chat(click on the icon at right-bottom).