Idk whether this is a Shorewall question or not.

My LAN has a class C of 192.168.1.0.  The gateway for all LAN members is
192.168.1.1

Now one of the LAN members is a KVM VM at 192.168.1.16, and it is the
WireGuard VPN server.  Remote machines come in through the gateway and
are port-forwarded to the VPN server for full access to the LAN.  This
works fine now. (Thank you)

First Question:  Remote VPN members can access any node in the LAN, but
cannot get back out through the gateway for internet access.  Any idea
where I should look?  The VPN server does have its gateway set to
192.168.1.1.

Second Question:  Another member of the LAN, 192.168.1.4, is the backups
server.  And the backups server runs a KVM VM which handles all security
cameras (ZoneMinder) through a dedicated port in the class C of
10.1.50.0.  This security cam VM has a second IP in the class C of the
LAN and serves ZoneMinder to the LAN this way.

I would like to serve ZoneMinder to the outside only on the VPN.  Does
that mean I port-forward 80 to the VPN server, either through a reverse
SSH tunnel or by Shorewall DNAT?  Then to access it from remote on the
VPN server?  Is this the best way?  Would it then also still be
accessible to the LAN?

Third Question:  The cameras on 10.1.50.0 are only visible to the
cameras server on a dedicated port.  These cameras provide a high-res
RTSP stream and a low-res RTSP stream, the latter being appropriate for
a remote phone.  Can anyone see how I can pipe the low-res stream to the
VPN server so it's accessible by a remote phone?



_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
