105 lines
2.6 KiB
Markdown
105 lines
2.6 KiB
Markdown
# Proxmox Firewall Check Report
|
|
|
|
**Date**: 2026-01-21
|
|
**Status**: ✅ **Proxmox Firewall Not Blocking Traffic**
|
|
|
|
---
|
|
|
|
## Summary
|
|
|
|
**Proxmox firewall is disabled on both hosts**, so it is **NOT blocking external traffic** to NPMplus or VMID 5000.
|
|
|
|
---
|
|
|
|
## Host Firewall Status
|
|
|
|
### r630-01 (NPMplus Host)
|
|
- **Firewall Status**: `disabled/running`
|
|
- **Impact**: Firewall is disabled, not blocking any traffic
|
|
- **VMID 10233 (NPMplus)**: No firewall restrictions
|
|
|
|
### r630-02 (VMID 5000 Host)
|
|
- **Firewall Status**: `disabled/running`
|
|
- **Impact**: Firewall is disabled, not blocking any traffic
|
|
- **VMID 5000 (Blockscout)**: No firewall restrictions
|
|
|
|
---
|
|
|
|
## Firewall Configuration Files
|
|
|
|
### Host Firewall Configs
|
|
- **r630-01**: No host firewall config file found (or empty)
|
|
- **r630-02**: No host firewall config file found (or empty)
|
|
|
|
### Cluster Firewall Config
|
|
- **Status**: No cluster firewall config found (or empty)
|
|
|
|
### Container Firewall Configs
|
|
- **VMID 10233 (NPMplus)**: No firewall option in container config
|
|
- **VMID 5000 (Blockscout)**: No firewall option in container config
|
|
|
|
---
|
|
|
|
## Conclusion
|
|
|
|
✅ **Proxmox firewall is NOT the issue**
|
|
|
|
The Proxmox firewall is disabled on both hosts, so it cannot be blocking external traffic. The timeout issue is **NOT caused by Proxmox firewall**.
|
|
|
|
---
|
|
|
|
## Root Cause Analysis
|
|
|
|
Since Proxmox firewall is not blocking:
|
|
|
|
1. **UDM Pro Firewall** - Most likely cause:
|
|
- Rule order issue (block rules before allow rules)
|
|
- Zone-based firewall blocking External → Internal
|
|
- Port forwarding rules not enabled
|
|
|
|
2. **ISP Blocking** - Possible cause:
|
|
- Some ISPs block ports 80/443
|
|
- Test from different network/location
|
|
|
|
3. **Network Routing** - Less likely:
|
|
- Traffic not reaching UDM Pro
|
|
- WAN interface not receiving traffic
|
|
|
|
---
|
|
|
|
## Next Steps
|
|
|
|
Since Proxmox firewall is not the issue, focus on:
|
|
|
|
1. **UDM Pro Firewall Rule Order**:
|
|
- Verify "Allow Port Forward..." rules are at the top
|
|
- Ensure no "Block External → Internal" rules are above them
|
|
|
|
2. **Test from Different Location**:
|
|
- Test from mobile hotspot
|
|
- Test from VPN
|
|
- This will determine if ISP is blocking
|
|
|
|
3. **Check UDM Pro Logs**:
|
|
- Look for blocked connections
|
|
- Identify which rule is blocking (if any)
|
|
|
|
---
|
|
|
|
## Verification
|
|
|
|
**Proxmox hosts are NOT blocking traffic:**
|
|
- ✅ Firewall disabled on r630-01
|
|
- ✅ Firewall disabled on r630-02
|
|
- ✅ No firewall rules configured
|
|
- ✅ Containers have no firewall restrictions
|
|
|
|
**The issue is elsewhere:**
|
|
- ⚠️ UDM Pro firewall (most likely)
|
|
- ⚠️ ISP blocking (possible)
|
|
- ⚠️ Network routing (less likely)
|
|
|
|
---
|
|
|
|
**Status**: ✅ **Proxmox Firewall Check Complete - Not Blocking**
|