Q: How to run VyOS conf commands from timed shell scripts


#1

Hi!

What is the proper syntax to run VyOS conf commands from a timed task (shell script) defined with
set system task-schedule task test_dmz_server interval 1

VyOS conf commands to run: if the server on DMZ / 192.168.1.aaa fails for whatever reason, incoming web/mail traffic should be NATed to the spare server 192.168.bbb.
There are 2 rules because of 2 ISP load-balanced links.

set nat destination rule 10 description 'WAN_TO_DMZ_eth0'
set nat destination rule 10 destination port 'http,https,ftp,smtp,pop3,imap'
set nat destination rule 10 inbound-interface 'eth0'
set nat destination rule 10 protocol 'tcp'
set nat destination rule 10 translation address '192.168.1.bbb'

set nat destination rule 20 description 'WAN_TO_DMZ_eth1'
set nat destination rule 20 destination port 'http,https,ftp,smtp,pop3,imap'
set nat destination rule 20 inbound-interface 'eth1'
set nat destination rule 20 protocol 'tcp'
set nat destination rule 20 translation address '192.168.1.bbb'

commit


Do I need to explicitly allow the above-listed traffic in the firewall rule WAN -> DMZ, or does "set nat" open these ports on the WAN by default?

Thanks in advance!


#2

You need to create firewall rules also. You could probably use an address group or network group to keep the changes as small as possible.
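
A sketch of the scheduled script the question asks about, as an added example that is not part of either post: it checks the primary server and repoints NAT rules 10 and 20 only when the target has to change (it also switches back once the primary answers again). The addresses, the ping health check and the function names are assumptions; the script relies on the VyOS script-template for `configure`, `set`, `commit` and `run`, and would be attached to the task with `set system task-schedule task test_dmz_server executable path <script path>`. As reply #2 says, the WAN -> DMZ firewall rules must separately allow the traffic to the spare address.

```shell
#!/bin/vbash
# Added example, not from the thread. Addresses are constructed placeholders:
# PRIMARY stands in for 192.168.1.aaa and SPARE for 192.168.1.bbb.
PRIMARY=192.0.2.10
SPARE=192.0.2.20
TEMPLATE=/opt/vyatta/etc/functions/script-template

if [ -r "$TEMPLATE" ]; then          # only true on a VyOS router
    # Scheduled tasks start as root; config changes must run as group vyattacfg.
    if [ "$(id -g -n)" != 'vyattacfg' ]; then
        exec sg vyattacfg -c "/bin/vbash $(readlink -f "$0") $*"
    fi
    . "$TEMPLATE"                     # provides configure, set, commit, run
fi

# Reads "show configuration commands" on stdin, prints rule 10's DNAT target.
current_target() {
    sed -n "s/^set nat destination rule 10 translation address '\(.*\)'\$/\1/p"
}

# $1 = exit status of the health check (0 means the primary answered).
wanted_target() {
    if [ "$1" -eq 0 ]; then echo "$PRIMARY"; else echo "$SPARE"; fi
}

# True only when the running config differs, so healthy runs commit nothing.
needs_change() {
    [ "$1" != "$2" ]
}

main() {
    ping -c 3 -W 1 "$PRIMARY" >/dev/null 2>&1
    want=$(wanted_target "$?")
    have=$(run show configuration commands | current_target)
    needs_change "$have" "$want" || return 0
    configure
    for rule in 10 20; do             # one rule per ISP link, as in the question
        set nat destination rule "$rule" translation address "$want"
    done
    commit
    exit
}

if [ -r "$TEMPLATE" ]; then main; fi
```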