port forwarding

[agord]

Hi,

 i installed Zentyal for first time a few days ago....im really happy. But theres a little problem.

I have 2 wan's and 2 Servers
1st server lan ip (Srv1): 192.168.0.1 (zentyal...gateway packet)
2nd server lan ip (Srv2): 192.168.0.3 (ubuntu server...a lot of things inside hehe)
First one runs Zentyal. And the second one runs ubuntu and manage web services and app's.

I tried to forward all http to the Srv2. but when i tried to reach my WAN (public) ip i get the "It Works" default welcome from Apache that belongs to ZENTYAL 

Can anyone give me an advice ? i will appreciate it   

Regards!

[christian]

I don't really understand what you redirect to what. Well, I suppose you want to redirect to srv2 but from where ? wan reaching srv1?

does it look like this:
wan1 <---> srv1 (192.168.0.1) <-----> (192.168.0.3) srv2
and I don't know where to put wan2 

[agord]

Ohh sorry my fault... i will explain better:

wan1 <-> srv1 (zentyal) <-> srv2
wan2 <-> srv1 (zentyal) <-> srv2

this is my actual configuration:
eth0 belongs to WAN1
eth1 belongs to WAN2

eth0    Zentyal    TCP/UDP    any    Any    192.168.0.3    Same
eth1    Zentyal    TCP/UDP    any    Any    192.168.0.3    Same

when i try to open a website that is host in srv2 i get now "The connection was reset".... i think that is a problem of firewall. I dont know

[agord]

I made some test configurations...now if i put my WAN ( 1 or 2) ip i get:

"IT WORKS!!" (from zentyal srv1)

and if i try my WAN:4089 or any other service from my srv2 i get:

"The connection was reset"

any ideas? 

[christian]

1 - Are you redirecting "everything" to srv1 ? I would suggest, at least for testing purpose, to redirect only one single port.
2 - are you sure default route on srv2 is 192.168.0.1 ?

[agord]

1.- Yep if its possible i wanna redirect everything...
     and answering your suggestion, yep i tried with only 1 port....

eth0/eth1    Zentyal    All    8080/80    Any    192.168.0.3    Same

and nothing

2.- Yep my def route is 192.168.0.1 on SRV2

--------------------------------------------------

It looks like the packets reach SRV2....but they never come back, so i checked my firewall, and i get tired so i test with "ANY ANY" over every configuration heheh

and.................nothing hehe

I'm getting tired about this  its an easy thing that become hard lol

[christian]

BTW, if using 3.0, did you ensure you selected the "replace source address box" ?
You can also log forwarded connections 

Aside this purely "forwarding" topic, if you have significant amount of application running on srv2, instead of port forwarding, I would rather suggest to implement HTTP reverse proxy.

Port forwarding is a nice workaround but not very flexible, with few control (if any) and some drawbacks in case you different internal and external domain names, application having hardcoded URLs and stuff like this.

[agord]

yep i selected it.. i read all the tutorials...docs...wikis heheh about port forwarding i dont know what im doing bad.

I will try to log them and check.

In the other hand, now i have running only 2 app's on srv2 and it still even working.

Is so simple but complicate  it cant forward from srv1 to srv2 one port

[agord]

i dont know what the hell i did..........


BUT ITS WORKING


thanks!
pd: (i will check log configs and show it here)