Hi Ken, I have been recently learning about firewalld. Please run the commands below on your hosts to see whether they look the same or not.
I hope it helps. Best regards, Sebastian * General: firewall-cmd --state # Sometimes you need to reload the firewall to get the configuration actually applied firewall-cmd --reload * Services: firewall-cmd --get-services firewall-cmd --permanent --get-services firewall-cmd --info-service=smtp * Zones: firewall-cmd --get-zones firewall-cmd --get-default-zone firewall-cmd --get-active-zones firewall-cmd --get-zone-of-interface=em1 firewall-cmd --zone=work --list-interfaces firewall-cmd --zone=work --list-all firewall-cmd --zone=work --add-interface=em1 firewall-cmd --set-default-zone=internal firewall-cmd --set-default-zone=public firewall-cmd --get-default-zone firewall-cmd --zone=work --list-rich-rules firewall-cmd --permanent --zone=work --list-rich-rules * Adding Ports firewall-cmd --permanent --zone=work --add-port=80/tcp # remember to: firewall-cmd --reload # check status: firewall-cmd --zone=work --list-ports * Removing Ports firewall-cmd --zone=work --remove-port=80/tcp * Adding Services firewall-cmd --zone=work --add-service=ftp * Removing Services firewall-cmd --zone=work --remove-service=ftp * Configure IP Address Masquerading firewall-cmd --zone=external --query-masquerade firewall-cmd --permanent --zone=external --add-masquerade firewall-cmd --zone=external --remove-masquerade
