How to set internal server's port to public IP server's port ?
I set it up like this, but it failed! Could someone help?
The public IP server has NIC interface eno1 192.168.1.105 and a PPPoE connection to a public fixed IP 1.34.aaa.bbb
The internal IP server has NIC interface eno1 192.168.106
iptables -t nat -A PREROUTING -i 192.168.1.106:8888 -p tcp -j DNAT --to-destination 192.168.1.105:9201
iptables -t nat -A PREROUTING -i 192.168.1.106:22 -p tcp -j DNAT --to-destination 192.168.1.105:9222
Re: How to set internal server's port to public IP server's port ?
The examples that you show would suit the following scenario:
1. You have client A in the private subnet 192.168.1.
2. You try to (ssh) connect from A to internal server (192.168.1.106:22)
3. Internal server forwards the connection to public server (192.168.1.105:9222)
4. A establishes connection to public server (192.168.1.105:9222)
That does not seem useful, because A can connect to 192.168.1.105:9222 directly.
If your scenario is:
1. You have client C somewhere "on the internet".
2. You try to connect from C to public server (1.34.aaa.bbb:9222)
3. Public server forwards the connection to internal server (192.168.1.106:22)
4. C establishes connection to internal server (192.168.1.106:22)
Then the "port forward" has to be done on the public server.
The default firewall configuration system in CentOS 7 is firewalld.
It is used via the firewall-cmd tool (there is some clickety clack, GUI crap too).
Have you disabled the firewalld.service and enabled iptables.service?
If not, then the use of the iptables tool to modify rules is futile.
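
The port forward on the public server that the reply describes, written with firewall-cmd, as an added example that is not part of the original posts. It assumes the PPPoE interface sits in the firewalld zone `public` and that the internal server sends its replies back through 192.168.1.105; the 9201 to 8888 mapping is read from the question's first rule, and the helper names are made up for this example.

```shell
#!/bin/sh
# Added example: build firewalld port-forward commands for the public server.
# Assumptions (not from the thread): zone "public" holds the PPPoE interface,
# and the internal server routes its replies back through 192.168.1.105.
ZONE="${ZONE:-public}"

# valid_port N: succeeds only for an integer in 1..65535
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_ipv4 A.B.C.D: succeeds only for four numeric octets, each 0..255
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in '') return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# forward_cmd PUBLIC_PORT INTERNAL_IP INTERNAL_PORT
# Prints one firewall-cmd line; nothing on the system is changed here.
forward_cmd() {
    valid_port "$1" && valid_ipv4 "$2" && valid_port "$3" || {
        echo "invalid mapping: $*" >&2; return 1; }
    printf 'firewall-cmd --permanent --zone=%s --add-forward-port=port=%s:proto=tcp:toport=%s:toaddr=%s\n' \
        "$ZONE" "$1" "$3" "$2"
}

# plan: both forwards from the question, then reload and list the result.
plan() {
    forward_cmd 9201 192.168.1.106 8888 || return 1
    forward_cmd 9222 192.168.1.106 22   || return 1
    echo "firewall-cmd --reload"
    echo "firewall-cmd --zone=$ZONE --list-forward-ports"
}

# Dry run by default; APPLY=1 (as root on the public server) runs the plan.
if [ "${APPLY:-0}" = 1 ]; then
    cmds=$(plan) && printf '%s\n' "$cmds" | sh -e
else
    plan
fi
```

An address with fewer than four octets or a port outside 1..65535 is rejected before any command is printed, so a mistyped mapping never reaches the firewall.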