[Shorewall-newbies] Can't connect from LAN to port forwarded web in DMZ. Others connections (like ssh) works fine.

Varga Pavol pavol.varga at dashofer.sk
Sun Mar 14 12:42:46 PST 2004


Hi,
I have som trouble with connection to my port forwarded www server from
LAN and from firewall. (from Internet it works)
I use three-interface firewall with masquerading LAN & DMZ and port
forwarding some services.

lynx from firewall to www.myserver.sk returns:

Alert!: Unable to connect to remote host.

lynx from firewall to local IP for the first ask me to allow cookies,
and then returns:

Looking up 192.168.0.2 first
Looking up 192.168.0.2
Making HTTP connection to 192.168.0.2
Sending HTTP request.
HTTP request sent; waiting for response.
HTTP/1.1 302 Object moved
'A'lways allowing from domain '192.168.0.2'.
Data transfer complete
HTTP/1.1 302 Object moved
Looking up www.myserver.sk
Making HTTP connection to www.myserver.sk
Alert!: Unable to connect to remote host.

When I tried www.myserver.sk from LAN, the Squid returns:

While trying to retrieve the URL: http://www.myserver.sk/ 

The following error was encountered: 

Connection Failed 
The system returned: 

    (111) Connection refusedThe remote host or network may be down.
Please try the request again.

And when I tried local IP of myserver, the web browser still resolve it
to www.myserver.sk and then returns the same error like above.

Plesase, where is the problem? I thnik that rules between each other
zones I set correctly.

Thanks for any advice.
Palo.





More information about the Shorewall-newbies mailing list