From green to webserver in DMZ over red

Hello,
my webserver is running in orange. This can be reached via red and works perfectly via port forwarding for 80 and 443. In orange, the webserver has the IP 172.16.1.4. For this I have set up a ddns for my address example.de.

so far so good.

but if I want to access example.de from a client in green, it fails with “timeout”. I can reach the server directly via 172.16.1.4.

can someone help me?

Philipp

Check your client DNS configuration

DNS configuration is ok. dns resolves to the correct ip address. but with tracert it shows only one line with the gateway IP of green. and the next lines remain empty.

"Routenverfolgung zu example.de [178.7.55.88]
über maximal 30 Hops:

1 1 ms <1 ms <1 ms 192.168.1.1
2 * * * timeout
3 * * * timeout.
4 * * * timeout
5 * ^C"

Did you open the DNS to the green zone in the firewall?

I do not understand. how do you mean?

Enter your 172.16.1.4 and i guess dyndns name.

https://wiki.ipfire.org/configuration/network/hosts