Re: Re: Foward ports to multiple intneranl ips

Home Page Forums Network Management ZeroShell open same port in firewall for multiple internal ips Re: Re: Foward ports to multiple intneranl ips

#47256

jt
Member

If you only have one public IP address, a port can only be forwarded to one internal IP address.

Someone at an IP on the internet wants to connect to your port 5060. They make the connection to your public IP, port 5060 and it is forwarded to your internal server, for instance 192.168.12.50

There’s no easy way to decide that a connection request to 5060 needs to go to a different server 192.168.12.51 instead. Typically, if two internal servers need to listen for connections, one of them needs to be changed to a different port number on zeroshell.

You don’t need to edit the iptables rules, instead use the Router–>Virtual Server tab. It does have the option to divide the connections between multiple internal servers, but one particular server can’t be selected that way.

Example. First server:

Interface ETH01 (the internet port)
IP address ANY (anyone can connect)
Protocol TCP
Local Port 5060
Real Server 192.168.12.50:5060

Second server:
Interface ETH01 (the internet port)
IP address ANY (anyone can connect)
Protocol TCP
Local Port 5160 (a different port on your public IP)
Real Server 192.168.12.51:5060 (the same port on a different server)