I have a server on internet with vuurmuur. Via ipsec a have a connection into the server. I would like to forward a port 5900 thrue interface eth0:3 to vmware maschine 1.
I insert a rule with portfw listen on 5900 from any at eth0:3 to host 192.168.144.128 on vmnet1 remoteport 5900.
From your post I'm not really sure what the actual problem is that you are having. When dealing with virtual interfaces like 'eth0:3' it's important to consider that iptables and therefore Vuurmuur don't support that notation. To iptables eth0:3 is just eth0, with an extra ipaddress. Vuurmuur deals with it accordingly, by focussing on the ipaddress instead of the devicename.
I assume you have added a interface to Vuurmuur with eth0 as device, 192.168.210.1 as ipaddress and the virtual toggle set to 'on'? Then probably you probably created a separate network for the ipsec iprange and attached the interface to that? As far as I can tell that should all work just fine :-) So please explain a little more about your problem!
Regards,
Victor
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I have a server on internet with vuurmuur. Via ipsec a have a connection into the server. I would like to forward a port 5900 thrue interface eth0:3 to vmware maschine 1.
I insert a rule with portfw listen on 5900 from any at eth0:3 to host 192.168.144.128 on vmnet1 remoteport 5900.
Log-View:
ACCEPT vnc 192.168.22.246 -> 192-168-141-128.192er.vmnet (in: eth0 out: vmnet1 192.168.22.246:34823 -> 192.168.141.128:5900 TCP flags: ****S* len:48 ttl 124)
eth0 = 89.107.x.x
eth0:3 = 192.168.210.1 (local ipsec point)
vmnet1 = 192.168.144.1
Vmware maschine 1 = 192.168.144.128
192.168.22.246 = remote ipsec point
Where is my mistake ? Can somebody help me ? Thank you !
Daniel
Hi Daniel,
From your post I'm not really sure what the actual problem is that you are having. When dealing with virtual interfaces like 'eth0:3' it's important to consider that iptables and therefore Vuurmuur don't support that notation. To iptables eth0:3 is just eth0, with an extra ipaddress. Vuurmuur deals with it accordingly, by focussing on the ipaddress instead of the devicename.
I assume you have added a interface to Vuurmuur with eth0 as device, 192.168.210.1 as ipaddress and the virtual toggle set to 'on'? Then probably you probably created a separate network for the ipsec iprange and attached the interface to that? As far as I can tell that should all work just fine :-) So please explain a little more about your problem!
Regards,
Victor