Gerhard Engler wrote:> > Hello, > > I can?t connect my Webserver from the Internet. > > Here is my net-structure: > > Webserver 192.168.3.203 (DMZ) > | > Internet --- Firewall/Router (mit 3 Netzwerkkarten) > | > Local Netzwerk 192.168.1.X (loc) > > > The Firewall should forward all requests from the Internet to the > webserver. But it does?t run. All requests are answered from the Firewall. > > * From the local Network I can connect the Webserver (192.168.4.203).I assume that you mean 192.168.3.203 and not 192.168.4.203? I> get the Apache2-Message on my browser. > > * If I try to connect from the Internet I get the Apache2-answer from > the apache2-service on the firewall.Then something else is wrong other than your Shorewall configuration because you CAN connect to your DMZ webserver from the internet. From the dump you sent: tcp 6 59 TIME_WAIT src=210.245.122.38 dst=84.57.1.42 sport=55931 dport=80 src=192.168.3.203 dst=210.245.122.38 sport=80 dport=55931 [ASSURED] use=1 That is a connection from 210.245.122.68 to 84.57.1.42 that was forwarded to 192.168.3.203. Here''s another one: tcp 6 96 TIME_WAIT src=210.245.122.38 dst=84.57.1.42 sport=50396 dport=80 src=192.168.3.203 dst=210.245.122.38 sport=80 dport=50396 [ASSURED] use=1 So I don''t know what else we can do to help you. ------------------------------------------------------------------------------ Check out the new SourceForge.net Marketplace. It is the best place to buy or sell services for just about anything Open Source. http://p.sf.net/sfu/Xq1LFB
Shorewall Guy wrote:> Gerhard Engler wrote: >> Hello, >> >> I can?t connect my Webserver from the Internet. >> >> Here is my net-structure: >> >> Webserver 192.168.3.203 (DMZ) >> | >> Internet --- Firewall/Router (mit 3 Netzwerkkarten) >> | >> Local Netzwerk 192.168.1.X (loc) >> >> >> The Firewall should forward all requests from the Internet to the >> webserver. But it does?t run. All requests are answered from the Firewall. >> >> * From the local Network I can connect the Webserver (192.168.4.203). > > I assume that you mean 192.168.3.203 and not 192.168.4.203? > > I >> get the Apache2-Message on my browser. >> >> * If I try to connect from the Internet I get the Apache2-answer from >> the apache2-service on the firewall. > > Then something else is wrong other than your Shorewall configuration > because you CAN connect to your DMZ webserver from the internet. From > the dump you sent: > > tcp 6 59 TIME_WAIT src=210.245.122.38 dst=84.57.1.42 sport=55931 > dport=80 src=192.168.3.203 dst=210.245.122.38 sport=80 dport=55931 > [ASSURED] use=1 > > That is a connection from 210.245.122.68 to 84.57.1.42 that was > forwarded to 192.168.3.203. > > Here''s another one: > > tcp 6 96 TIME_WAIT src=210.245.122.38 dst=84.57.1.42 sport=50396 > dport=80 src=192.168.3.203 dst=210.245.122.38 sport=80 dport=50396 > [ASSURED] use=1 > > So I don''t know what else we can do to help you.Although you might try hitting the ''reload'' button on your browser -- do you get the DMZ page now? ------------------------------------------------------------------------------ Check out the new SourceForge.net Marketplace. It is the best place to buy or sell services for just about anything Open Source. http://p.sf.net/sfu/Xq1LFB