Hello,
.........
If you want to run the proxy on another system, then the firewall needs to be able to perform port forwarding. It must forward all connections on ports TCP ports 10200 thru 10209 and UDP ports 10200 thru 10259 to the proxy. It must also forward connections on TCP port 1720 that do not originate from the proxy to the proxy. Further you must modify the nmproxy configuration file (see below) so that the firewall_address option specifies the Internet address of the firewall. The most likely reason for wanting to run in this mode is that the firewall itself is not Linux based, but by way of example, these iptables commands perform the necessary forwarding for an iptables based Linux firewall.
iptables -I PREROUTING -t nat -p tcp --dport 10200:10209 -d $FIREWALL -j DNAT --to-destination $PROXY
iptables -I PREROUTING -t nat -p udp --dport 10200:10259 -d $FIREWALL -j DNAT --to-destination $PROXY
iptables -I PREROUTING -t nat -p tcp --dport 1720 ! -s $PROXY -j DNAT --to-destination $PROXY
These commands require the environment variables FIREWALL and PROXY to be set to the Internet address of the firewall, and the LAN address of the proxy, respectively.
...........
How can I do this with Astaro?
Thanks in advance
Markus Wasse
This thread was automatically locked due to age.