VPN
mihasyo, 2020-05-11 20:25:12

How to merge subnets of two Proxmox hypervisors?

Good day to all!
There are two servers with Proxmox (PXMX0 and PXMX1).
PXMX0 has a real, public ("white") IP, and a WireGuard server is configured on it that accepts connections from PXMX1.
PXMX1 is located in the client's office, first behind the NAT of a router to which I have no access and then behind the provider's NAT, so its IP is private ("gray").
For clarity, I am attaching a diagram.
The actual task: make it possible to freely reach VM2-3 from VM0-1. If I had access to the PXMX1 router, I would have configured IPsec long ago and forgotten about it.
Until now, I have solved the problem by raising separate OpenVPN tunnels from each PXMX1 guest virtual machine to the MikroTik in front of PXMX0. But I'm afraid the MikroTik's speed with OpenVPN is no longer enough, and it is not convenient to set up each new virtual machine.
Question: is it possible to somehow route traffic from specific virtual machines into the WireGuard tunnel using Proxmox and distribute it to other virtual machines on the opposite side of the tunnel, and if so, how? Or should I consider deploying IPsec from PXMX1 itself to the router in front of PXMX0?
What's the best way to do it?


3 answer(s)
akelsey, 2020-05-11
@akelsey

Buy a small VPS for 1-2 dollars, raise MikroTik CHR on it, and on each of the Proxmox hosts make a router that builds a tunnel to the MikroTik on top of the current systems (again, you can use MikroTik CHR, ZeroShell, or pfSense, whichever is closer to you), and forget about the whole infrastructure that in essence lies in front of Proxmox at both points.
P.S.
The main thing is to ask at both endpoints to open NAT to the MikroTik in the cloud.

fara_ib, 2020-05-12
@fara_ib

And what if you raise OpenVPN on Proxmox? The site-to-site kind, on a separate virtual machine on each Proxmox? Or the same pfSense according to the same scheme, or IPFire, which is probably even simpler. Then the load goes away from the MikroTik: the VPN will not run on it, only forwarding to Proxmox. And it seems (but I'm not sure) that OpenVPN needs only one white IP address for site-to-site?

poisons, 2020-05-13
@poisons

There are many "how to" variations. You already have an L3 tunnel between the hypervisors. Choose according to your taste:
1. OVS+GRE
2. VXLAN
3. There are a ton of similar options.

Also, just yesterday PVE 6.2 was released, which has a GUI for SDN. I'm still testing it, but visually it looks like you can configure it by clicking with the mouse.
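
Option 2 from the answer above, sketched as an added example that is not part of the original thread: a VXLAN segment carried inside the existing WireGuard tunnel, so VMs on both hypervisors share one L2 network. The interface name `wg0`, the bridge `vmbr1`, VNI 100 and the tunnel addresses 10.99.0.1/10.99.0.2 are constructed assumptions, not values from the question.

```shell
#!/bin/sh
# Added example: prints the iproute2/iptables commands that stretch one VM
# bridge across two Proxmox hosts using VXLAN inside an existing WireGuard
# tunnel. Every name and address below is an assumption for illustration.
set -eu

WG_IF="${WG_IF:-wg0}"       # assumed WireGuard interface on both hosts
WG_MTU="${WG_MTU:-1420}"    # wg-quick's usual default MTU
VNI="${VNI:-100}"           # assumed VXLAN network identifier
BRIDGE="${BRIDGE:-vmbr1}"   # assumed VM bridge without a physical port
PORT=4789                   # IANA-assigned VXLAN UDP port

# VXLAN over IPv4 costs 50 bytes per frame:
# outer IPv4 20 + UDP 8 + VXLAN 8 + inner Ethernet 14.
vxlan_mtu() {
  echo $(( $1 - 50 ))
}

# Emit the commands for one host.
#   $1 = this host's WireGuard address, $2 = the peer's WireGuard address
vxlan_cmds() {
  cat <<EOF
ip link add vxlan$VNI type vxlan id $VNI local $1 remote $2 dstport $PORT dev $WG_IF
ip link set vxlan$VNI mtu $(vxlan_mtu "$WG_MTU")
ip link set vxlan$VNI master $BRIDGE
ip link set vxlan$VNI up
iptables -A INPUT -p udp --dport $PORT ! -i $WG_IF -j DROP
EOF
}

# VXLAN has no authentication or encryption of its own, so the last rule
# drops VXLAN packets that arrive on any interface other than the tunnel.
# Guests attached to $BRIDGE must use the reduced MTU as well.

# Review the output first, then pipe it to a root shell:
#   PXMX0: sh vxlan-over-wg.sh 10.99.0.1 10.99.0.2
#   PXMX1: sh vxlan-over-wg.sh 10.99.0.2 10.99.0.1
if [ "$#" -eq 2 ]; then
  vxlan_cmds "$1" "$2"
fi
```

The peer's WireGuard `AllowedIPs` only needs to cover the tunnel addresses here, because the VM traffic travels as UDP between those two addresses.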
