On Tue, Sep 29, 2020 at 09:51:45PM +0000, JadoNena via Shorewall-users wrote: > > You need DNAT, as described here: > > > > https://shorewall.org/two-interface.htm#DNAT > > > Ok. That is what I started with. > > There is no advice or example there for how to get that traffic through the > VPN to the back end server. > > Can you help with the rules? > > My test for this working is to > > telnet -4 1.2.3.4 1234 > > from any public site and to get a response from the back end server. > > If I have a service ON the external server I am able to give access to it. > > But so far, if there is no service on the external server, only on the > internal one, across the VPN, I only get > > telnet -4 1.2.3.4 1234 > Trying 1.2.3.4... > telnet: connect to address 1.2.3.4: Connection refused > You are not providing sufficient information to be able to conclusively identify the problem. However, it seems like you either do not have IP forwarding enabled on the Shorewall machine (seems unlikely) or there is a missing route somewhere along the path (more likely).
Please provide the information described here: https://shorewall.org/support.htm That should enable a more complete understanding of your problem and allow for troubleshooting in a way that will allow us to help you resolve it. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
