Do you have firewall rules to allow that traffic through? Pretty much every time I can’t get something like this to work it turns out to be because it’s blocked by the firewall.
-Les > On 19 Nov 2017, at 13:01, Colony.three via Shorewall-users > <shorewall-users@lists.sourceforge.net> wrote: > > Hello, I can not get DNAT to work to save my life. > > All machines are CentOS7 KVM virtual machines, one the internet-connected > router, and the other in the DMZ. > > I've gone through the docs and there seem to be two methods of > port-forwarding, and neither works in the router: > DNAT net dmz:10.1.1.30 tcp http,https > ... and > Web(DNAT) net dmz:10.1.1.30 > Web(ACCEPT) local dmz:10.1.1.30 > (Of course10.1.1.30 is the dmx web server) > > > > I checked both using a remote Openstack VM. And I'd previously used that OS > VM to check that port 80, 443, etc could get through my ISP to the > router/firewall, and they can. But port-forwarding simply does not work in > the router. I even tried the port 5000 mapped to 80 trick and no dice. > > I turned off SELinux, and set aside my sysctl.conf security file, and no > better. I can reach the webserver in the dmz from the local LAN, so the > problem must be in port forwarding. There are no error messages in dmesg. > > I've forwarded the dump to Tom. > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! > http://sdm.link/slashdot_______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users