I installed the twingate connector on my proxmox server and added the proxmox server, a router and a Minecraft server. If i try to connect to the web interface of my router or proxmox via twingate on my arch linux system it works without issues but if i try pinging the ip addresses for those servers in the terminal i get 100% packet loss so it can’t connect to them. I tried this on my phone too and it does the same thing. Did anyone had a similar issue? Thanks in advance
Hi Chicco,
If you haven’t seen this already, please take a look at this Help Center Article that discusses this issue.
If that does not help resolve your issue let me know!
Thanks,
-arthur
I checked the value for net.ipv4.ping_group_range and it was the same as the one after running the command to change it and even after i ran the command to change it it was the same so it still didn’t ping anything.
Chicco,
How did you install the Connector within Proxmox, using a LXC container or a full VM? Are you using Docker inside of a VM or did you use our Linux deployment (systemd)?
I installed the connector directly on the base os of proxmox (Debian) by just installing docker and on docker the connector.
Thanks for clarifying 
As Proxmox is a hypervisor OS, it’s meant to host virtual machines or containers that you would load up with various services or operating systems, whatever you need to run with it. I’d normally recommend avoiding installing anything directly onto the host itself, just so it stays clean and as stable as possible.
Getting the Connector working on the host is possible, you’ll need to edit the /etc/sysctl.conf file and add the net.ipv4.ping_group_range flag manually, then run sysctl -p to reload it, and that in theory should allow Docker containers to perform pings, but again I would recommend not running directly on the host.
What I’d suggest instead is going through our Proxmox guide (Deploy a Twingate Connector within a Proxmox Container | Docs) to deploy a Connector inside of a LXC container, if you need pings to be able to work make sure to uncheck the box that says “Unprivileged container” which should allow the Connector to properly perform pings.
I didn’t know that there were issues using the base os and i was worried that something would break in a container, now i’ll try to deploy a connector in a container and maybe leave the second one as fallback in the native os just to access the we ui to fix it. I have on the base os a cloudflare tunnel container to have easier access to the web ui, is it a good idea to run it on the os or should i install it on a container too?
Edit: I installed the connector in a container and i still can’t ping anything, I followed the guide and it still only works for stuff in the browser
here are the settings for my container
Here is the ping on my pc
[chicco@ArchHpChicco ~]$ twingate resources
RESOURCE NAME ADDRESS ALIAS AUTH STATUS
Minecraft Server 192.168.1.113 - Auth expires in 4 days
Plex 192.168.1.4 - Auth expires in 4 days
Proxmox 192.168.1.3 proxmox.casa Auth expires in 4 days
Router 192.168.1.1 - Auth expires in 4 days
[chicco@ArchHpChicco ~]$ twingate status
online
[chicco@ArchHpChicco ~]$ ping 192.168.1.3
PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data.
^C
— 192.168.1.3 ping statistics —
7 packets transmitted, 0 received, 100% packet loss, time 6148ms
[chicco@ArchHpChicco ~]$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
^C
— 192.168.1.1 ping statistics —
5 packets transmitted, 0 received, 100% packet loss, time 4132ms
[chicco@ArchHpChicco ~]$
Can you ping those same IP addresses directly from within the console of the container?
It just gives me this error From 192.168.1.245 icmp_seq=1 Destination Host Unreachable.
And i just tried on another container that is unprivileged with arch linux and gives me the same error
What if you try from your Proxmox host itself? If you can’t reach those addresses from the host, then you have some other network level issue, if the host can successfully ping those addresses then you may want to add the sysctl flag to the host itself in order to enable containers to perform pings (privileged containers shouldn’t require this).
On the host, you can edit /etc/sysctl.conf and add a line net.ipv4.ping_group_range = 0 2147483647, save and exit your editor, then run sysctl -p. This will allow all groups on the host to perform a ping, which may help if the container still can’t (and the host can).
The host could ping my router but not the containers so i added that line and after running sysctl -p and rebooting the containers can now ping the routers but if i try pinging the router via twingate it just has 100% packet loss but i noticed that if i try pinging the ip for the container with the connector via twingate even if it’s not a resource for twingate it gives me the same error that it was giving me when i tried pinging the router from the container without that line
Update: I stopped the lxc container and started docker again after the changes for internet were made on the host and using the connector on the base os it works without issues and I can ping all the resources but as you said it would be better to have it in a container instead of the base os so if you know anything else that i could try it would be great to know