Zone-based firewall and NAT

I have a question.
I think my previous colleague used this as a reference for installing a zone-based firewall:
https://www.sans.org/reading-room/whitepapers/firewalls/deploying-vyatta-core-firewall-33493

All works fine except that I need to have internet on the serverfarm on the IP linked to it.
Like, if I say port 443 is open for external IP to internal IP, it works. But I also want to go the other way:
on port 443 from internal IP to external IP.
I have an IP block, so each external IP has its dedicated internal IP.

I think it is something small, but I can't figure it out.

You just need to properly configure firewall rules from one zone to another.
It is difficult to say how we can help you because it is not clear what exactly doesn't work.

Let's say this is my config for how I set rules for public to internal.

######### NAT ################
set interfaces ethernet eth0 address "external ip"

set service nat rule 6200 type source
set service nat rule 6200 outside-address address "external ip"
set service nat rule 6200 source address "internal ip"
set service nat rule 6200 outbound-interface eth0

set service nat rule 62 type destination
set service nat rule 62 destination address "external ip"
set service nat rule 62 inbound-interface eth0
set service nat rule 62 inside-address address "internal ip"

####### Firewall #################
set firewall name public-to-serverfarm rule 67 action accept
set firewall name public-to-serverfarm rule 67 destination port 80,443
set firewall name public-to-serverfarm rule 67 protocol tcp
set firewall name public-to-serverfarm rule 67 destination address "internal ip"

How do I get this to do the reverse if the zone rule for outside is to-public?
I tried several things, but it will not go out...

I am trying to make an API call to another server (cloud somewhere), and the response to that request needs to come back to this same IP.
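The outbound direction the post is asking about, written as an added example in the same Vyatta-style "set" syntax as the config above; it is not the poster's config and not from the linked paper. Assumptions: the serverfarm zone is named "serverfarm" and the outside zone "public", the ruleset name "serverfarm-to-public" is chosen here, and "internal ip" / "external ip" are the same placeholders as in the post. The existing 1:1 source NAT rule 6200 already rewrites the outbound source to "external ip"; what is still needed is a narrow accept rule in the serverfarm-to-public direction plus a stateful accept for the return packets, so that only connections the server itself initiated are let back in.

```text
# 1. Outbound: allow only the 1:1-NATed host to open TCP/443 towards the Internet.
#    default-action drop keeps anything else in the serverfarm from reaching out.
set firewall name serverfarm-to-public default-action drop
set firewall name serverfarm-to-public rule 10 action accept
set firewall name serverfarm-to-public rule 10 protocol tcp
set firewall name serverfarm-to-public rule 10 destination port 443
set firewall name serverfarm-to-public rule 10 source address "internal ip"

# 2. Return traffic: accept only packets belonging to a connection the
#    serverfarm host initiated. Conntrack de-NATs them back to "internal ip",
#    so no extra NAT rule is needed for the reply.
set firewall name public-to-serverfarm rule 1 action accept
set firewall name public-to-serverfarm rule 1 state established enable
set firewall name public-to-serverfarm rule 1 state related enable

# 3. Bind the outbound ruleset to the zone pair (zone names assumed).
set zone-policy zone public from serverfarm firewall name serverfarm-to-public
```

Rule 1 is placed before the existing rule 67 so replies are matched by state rather than by the broader port rule; if a state rule already exists in public-to-serverfarm, step 2 is redundant and can be dropped.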

It seems to be a Vyatta configuration, not VyOS.
But it is a different system, and this is the VyOS forum.

Oh sorry, thought this was …
It is on a Ubiquiti router… but it seems to have the same configuration as Vyatta.
Do you know anyone with knowledge about this configuration?

Ubiquiti forked Vyatta around v6.3 and created EdgeOS. VyOS forked at around v6.6, which has different contexts.

You need to use the Ubiquiti forums.

Thanks, I will try that.

This can be closed.