Proxmox has an underlying firewall that increases security, but sometimes misunderstandings can lock you out of web UI and SS. If you find yourself unable to reach proxmox due to firewall rules, then follow this guide to disable the firewall and get access.
Step 1: Check if You Can Access via SSH
First, try to connect via SSH:
ssh root@your-proxmox-ipIf SSH is inaccessible, you will need physical access to the server or use remote management tools like IPMI (Intelligent Platform Management Interface), iDRAC (Dell), or iLO (HP).
Step 2: Access Proxmox Console
If SSH is blocked, you must log in directly through:
- Physical console (Monitor & Keyboard)
- Remote management (IPMI, iDRAC, iLO, or KVM over IP)
Step 3: Disable the Proxmox Firewall
Once you have access to the terminal, disable the firewall with:
pve-firewall stopTo prevent it from starting again on reboot:
systemctl disable pve-firewallYou can also flush existing firewall rules:
iptables -Fip6tables -F
Step 4: Verify Access
After disabling the firewall, check if the Proxmox Web UI is accessible:
- Open your browser and visit:
https://your-proxmox-ip:8006 - Try connecting via SSH again:
ssh root@your-proxmox-ip
Step 5: Fix Firewall Rules
If the issue was due to incorrect firewall settings, review and correct them:
nano /etc/pve/firewall/cluster.fwLook for any rules that block SSH or web access and modify them accordingly.
After making changes, restart the firewall:
pve-firewall restartStep 6: Re-enable Firewall (Optional)
Once you’ve fixed the firewall rules, re-enable it:
systemctl enable pve-firewallpve-firewall start
Make sure to whitelist your management IP to prevent future lockouts.
Conclusion
If you are locking out of Proxmox due to firewall settings, then disablement of firewall through console or remote management tools like IPMI, IDRAC, or ILO can help to recover access. Always review the firewall rules before implementing them to avoid future connectivity issues.
If you found this guide helpful, tell me in the comments!