Hi,
I want to establish DNAT on port 2222 on my Astaro firewall to get to another Linux box behind the firewall over SSH.
What I did:
1. Add a new host
SSH_SERVER (host with sshd running on it)
2. Configure a new Service
Name: SSH_2222
Protocol: tcp
S-Port: 1:65535
D-Port: 2222
3. Creating a new DNAT-Rule
Name: SSH_DNAT
Match parameters: All -> DSL_Interface__ / SSH_2222
SRC-translation: None
DST-translation: SSH_SERVER/SSH
4. Adding a new Rule
From(Client): Any
Service: SSH_2222
To(Server): SSH_SERVER
Action: Allow
That's it.
After that I get this result on the shell:
firewall:/root # iptables -L | grep 2222
ACCEPT tcp -- anywhere SSH_SERVER tcp spts:tcpmux:65535 dpt:2222
From another Linux box on the internet I tried to get to my Linux box behind the firewall:
form_internet:/user # ssh -p 2222 myfirewall
But nothing happens after this.
So I decided to apply my testing rule:
From(Client): Any
Service: Any
To(Server): Any
Action: Allow
After applying this rule I can get to my LAN Linux box ... but why not with the rule before?
thx in advance
SEA
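
An added example, not part of the original post: a small Python model of the netfilter order for a forwarded packet, where DNAT in nat PREROUTING rewrites the destination before the filter rules are evaluated, so the packet filter sees the translated port rather than 2222. The addresses, the default-deny policy and port 22 for the SSH service are assumptions.

```python
# Added illustration: hook order for a forwarded packet in netfilter
# (nat PREROUTING rewrites the destination, then filter FORWARD decides).
# All addresses are constructed; port 22 for "SSH" is an assumption.
from dataclasses import dataclass, replace
from typing import Optional

FW_EXT = "192.0.2.1"      # constructed: address of the DSL interface
SSH_SERVER = "10.0.0.5"   # constructed: internal sshd host

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class DnatRule:               # models SSH_DNAT
    match_dst: str
    match_dport: int
    to_dst: str
    to_dport: int

@dataclass(frozen=True)
class FilterRule:             # models one packet filter "Allow" rule
    dst: Optional[str]        # None = Any
    dport: Optional[int]      # None = Any

def prerouting(pkt, nat_rules):
    """Apply the first matching DNAT rule; unmatched packets pass unchanged."""
    for r in nat_rules:
        if (pkt.dst, pkt.dport) == (r.match_dst, r.match_dport):
            return replace(pkt, dst=r.to_dst, dport=r.to_dport)
    return pkt

def forward(pkt, allow_rules):
    """Assumed default-deny filter: ACCEPT only if an allow rule matches."""
    for r in allow_rules:
        if r.dst in (None, pkt.dst) and r.dport in (None, pkt.dport):
            return "ACCEPT"
    return "DROP"

def verdict(pkt, nat_rules, allow_rules):
    # The filter is evaluated on the packet as it looks after DNAT.
    return forward(prerouting(pkt, nat_rules), allow_rules)

NAT = [DnatRule(FW_EXT, 2222, SSH_SERVER, 22)]
SYN = Packet("203.0.113.7", FW_EXT, 2222)        # constructed client packet
RULE_AS_POSTED = [FilterRule(SSH_SERVER, 2222)]  # Service SSH_2222 -> SSH_SERVER
RULE_TRANSLATED = [FilterRule(SSH_SERVER, 22)]   # Service SSH -> SSH_SERVER
RULE_ANY = [FilterRule(None, None)]              # the Any/Any test rule
```

In this model a filter rule matching the translated port allows the connection while staying narrow, unlike the Any/Any test rule.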