#status/done

Isolating Temporary VMs from the Home Network

  1. Creating a new Security Group (Datacenter > Firewall > Security Group)

  2. Then add the following rules to the Security Group:

    IN ACCEPT -log nolog                      # allow incoming traffic
OUT ACCEPT -dest 192.168.x.x -log nolog   # allows access to your DNS (if it is on LAN)
OUT ACCEPT -dest 192.168.x.x -log nolog   # allows access to your gateway
OUT DROP -dest 192.168.0.0/16 -log nolog  # denies all access to other members of LAN

  3. Add the Security Group to the VM (Select your VM > Firewall > Insert Security Group)

    • You can add the name of your interface there so it only applies to the respective vNIC

  4. Enabling the Firewall on a Datacenter level (Datacenter > Firewall > Options > Firewall > Yes)

  5. Enabling the Firewall on the VM (Select your VM > Firewall > Options > Firewall > Yes)

[1]

Relevant Note(s): HomeLab Networking

  1. https://forum.proxmox.com/threads/prevent-access-to-local-network-from-vm.116799/post-505458 ↩︎