How to setup NAT on Proxmox 8.0 https://blog.amitanvir.info/2023/how-to-setup-nat-on-proxmox-8-0/ Proxmox utilizes bridge networking in order to offer internet access to virtual machines. Furthermore, we need a public IP for each machine. In case we have access to only a certain number of IPs, we can utilize NAT in order to access the Internet on the machines.

However, it is recommended to have a static public IP while running public services. So, let's take a look at how to set up NAT on Proxmox to offer private networks to virtual machines.

This process involves the following steps:

  1. Create a bridge
  2. Bring up the NAT bridge
  3. Configure Virtual Machine
  4. Port forwarding to access from the outside world

 

  1. Setup NAT on Proxmox: Create a bridge

First, we will log in to the proxmox host ssh and run the following command:

nano /etc/network/interfaces

This command opens up the network configuration file.

# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

auto enp4s0
iface enp4s0 inet manual
        post-up iptables-restore < /etc/iptables.up.rules

auto vmbr0
iface vmbr0 inet static
        address AA.BB.CC.DD/28
        gateway AA.BB.CC.GG
        bridge-ports enp4s0
        bridge-stp off
        bridge-fd 0

Next, paste the following at the end of the configuration file:

auto vmbr1
#private sub network
iface vmbr1 inet static
    address  192.168.1.1
    netmask  255.255.255.0
    bridge_ports none
    bridge_stp off
    bridge_fd 0

    post-up echo 1 > /proc/sys/net/ipv4/ip_forward
    post-up   iptables -t nat -A POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE
    post-down iptables -t nat -D POSTROUTING -s '192.168.1.0/24' -o vmbr0 -j MASQUERADE

Here, vmbr0 is the bridge name for NAT while vmbr1 is the interface configured on the network file. We are setting bridge_ports
to none as we are not connecting to the outside world directly.

  1. Setup NAT on Proxmox: Bring up the NAT bridge

The next step involves using the command below to bring up the bridge we configured in the previous section:

ifup vmbr2
  1. Setup NAT on Proxmox: Configure Virtual Machine

This step involves configuring the virtual machine using the IP address. As There is no DHCP service we have to set a manual configuration.

We can use the following IPs for further virtual machines: 192.168.1.3 - 192.168.1.254 & Google DNS for DNS: 8.8.8.8 and 8.8.4.4

  1. Setup NAT on Proxmox: Port forwarding to access from the outside world

If we are working with a Linux guest, we can access ssh through the public IP of the main server. In this scenario, we will run the following command on proxmox host.

iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 3033 -j DNAT --to 192.168.1.2:22

In this example, we are forwarding host port 3033 to guest port 22. After that we will run the command below in order to access guest SSH:

ssh -p 3033 root@AA.BB.CC.DD

This command will prompt for the password. Once we enter the password, we can successfully connect to guest SSH.