Proxmox 1:1 NAT routing Rumi, March 30, 2025 Background: The objective was to serve VM’s default route via private network Public IP with no default route More control over firewalling policy over the VM (which is not covered in this post) Automation via DHCP on VM provisioning (This too no covered in this post) D-NAT to the VM via public IP. So, let’s start. Here I’ll be just pasting the screenshots of the process that I followed in order to achieve the above requirement. Step-1 On the Host Proxmox the network looks like this- Step-2 On the Host Proxmox the /etc/network/interfaces configuration looks like this- The same thing in text- # network interface settings; autogenerated # Please do NOT modify this file directly, unless you know what # you're doing. # # If you want to manage parts of the network configuration manually, # please utilize the 'source' or 'source-directory' directives to do # so. # PVE will preserve these directives, but will NOT read its network # configuration from sourced files, so do not attempt to move any of # the PVE managed interfaces into external files! auto lo iface lo inet loopback iface eth0 inet manual iface eth1 inet manual auto vmbr0 iface vmbr0 inet static address 114.XXX.X.60/24 gateway 114.XXX.X.1 bridge-ports eth0 bridge-stp off bridge-fd 0 auto vmbr2 iface vmbr2 inet static address 192.168.0.10/24 bridge-ports none bridge-stp off bridge-fd 0 auto vmbr1 iface vmbr1 inet static address 114.XXX.X.65/24 bridge-ports none bridge-stp off bridge-fd 0 post-up echo 1 > /proc/sys/net/ipv4/ip_forward post-up iptables -t nat -A POSTROUTING -s '192.168.0.10/24' -o vmbr0 -j MASQUERADE post-down iptables -t nat -D POSTROUTING -s '192.168.0.10/24' -o vmbr0 -j MASQUERADE post-up iptables -t nat -A PREROUTING -p tcp -d 114.XXX.XX -j DNAT --to-destination 192.168.0.2 post-up iptables -t nat -A PREROUTING -p tcp -d 114.XXX.XX -j DNAT --to-destination 192.168.0.3 post-up iptables -t nat -A PREROUTING -p tcp -d 114.XXX.XX -j DNAT --to-destination 192.168.0.4 Step-3 And now when creating any VM or container, here’s the VM/Container configuration- Now spin off the VM and you’ll get the VM with NAT Gateway enabled and ping your VM’s public IP- it’ll work. Administrations Configurations (Linux) Networking Proxmox 1:1 NATProxmox