On 26/10/2021 10:43, Tuomo Soini wrote:
Because you likely have limited number of servers in dmz, you can give your names proper internal addresses by setting their real (not public) addresses in /etc/hosts on all servers so that packets won't go to firewall.
Yeah, could be a solution, but, I encountered this issue because of letsencrypt, when trying to generate server cert.
Seems that the certbot script want to reach the server using the public DNS A Records, so its public ip...
thanks! Nick _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
