Table of Contents Usage of the RPN in a VM on a Proxmox host Configration of the interface for the use of DHCP Routes & Private network Firewall Usage of the RPN in a VM on a Proxmox host Requirements: You have an account at console.online.net You have a Dedibox dedicated server You have installed the server with Proxmox VE As seen in the documentation about the RPN, you can have only one single RPN IP per server. This may cause some problems for your VMs communicating to each other. The solution for this is to use NAT with port forwarding. To do this, you need to do the following as a first step: - Set the RPN interface (normally eth1) to DHCP configuration - Add the required routes to the VM - Proceed with NAT & Port Forwarding directly on the host Configration of the interface for the use of DHCP To enable DHCP on the interface eth1, you need to edit the file “/etc/network/interfaces”. Delete the lines for the configuration of “eth1” and replace them with the following: auto eth1 iface eth1 inet dhcp You can reboot your server now or restart the interface: ifdown eth1 && ifup eth1 You will see something like the following: Internet Systems Consortium DHCP Client 4.2.2 Copyright 2004-2011 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Listening on LPF/eth1/f8:bc:12:48:e7:ec Sending on LPF/eth1/f8:bc:12:48:e7:ec Sending on Socket/fallback Internet Systems Consortium DHCP Client 4.2.2 Copyright 2004-2011 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Listening on LPF/eth1/f8:bc:12:48:e7:ec Sending on LPF/eth1/f8:bc:12:48:e7:ec Sending on Socket/fallback DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 5 DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 10 DHCPREQUEST on eth1 to 255.255.255.255 port 67 DHCPOFFER from 10.90.208.xx DHCPACK from 10.90.208.xx bound to 10.90.xx.xx -- renewal in 2147483648 seconds. Routes & Private network So, we create a private network where the VMs can also communicate with one another on the RPN network. You need to create a “Linux Bridge” in the Proxmox interface, named vmbrX (X can be replaced with a number of your choice). You need to assign a private IP of your choice (in our example: 172.16.42.1) which serves as a gateway to the RPN. Reboot the server to activate the new interface. Go back to the configuration of the VM and add a new virtual interface “veth” in bridged mode on your vmbrX. Below you can find the configuration of your VM: auto eth1 iface eth1 inet static address 172.16.42.50 netmask 255.255.255.0 broadcast 172.16.42.255 post-up route add -net 10.90.0.0 netmask 255.255.0.0 dev eth1 post-up route add -net 10.90.0.0 netmask 255.255.0.0 gw 172.16.42.1 Some explanations: At first we configure the network in the subnet of vmbrX Then we add the routes to the RPN network, to specify where the RPN traffic must pass Firewall Finally we will configure the address translation directly on the firewall so that the packets can change the network interface. iptables -t nat -A POSTROUTING -o eth1 -s 172.16.42.0/24 -j MASQUERADE It may be useful to keep these routes after a restart, for example with the packet iptables-persistant. Finally, if you want to “Publish” the ports directly on the RPN network, you need to setup the port forwarding. iptables -t nat -A PREROUTING -p tcp -d IP_RPN --dport PORT_RPN -i eth1 -j DNAT --to-destination IP_LAN_VMBRX Replacing all variables by good informations : IP_RPN = Private IP of your RPN interface, configured using DHCP. PORT_RPN = The port to activate on the RPN network. This can be port 80 (HTTP), 443 (HTTPS), etc … IP_LAN_VMBRX = The private IP assigned to the VM in the network of vmbrX