Port forwarding issue

Hello - I have been beating my head against a wall for days and am finally reaching out for help.

I have a Docker web app stood up inside an Ubuntu VM on an Ubuntu host. Inside my network, I can reach the Docker container just fine using the VM’s IP address. I can also reach it using the VM’s hostname. Everything works as expected: ports are configured appropriately between the Docker container, etc.

I have a domain name configured in Cloudflare, with the DNS pointing to my public IP address (DDNS). I have configured a port forward on my IPFire router, according to the wiki, from the firewall 443 to my Ubuntu VM:443. For the life of me, I cannot access the host from outside my network. Cloudflare says unable to reach host.

I have logging turned on for the port forward and no drops, forwards or dnats are logged. I’m at a complete loss.

Your port forward source should not be Firewall but Standard Networks Any or Red.

Hi Adolf,
Actually that’s what I have set. When it shows in the GUI it says Firewall:443, but in the rule it is set to Standard Networks: Any

The problem can be in IPFire but can also be in your virtual machine. I would search the logs over there as well. For the IPFire side, does tail -f /var/log/messages while attempting to connect from the red interface show anything at all?

Source should be equal to RED, destination should show firewall:443, like in the example below:

The NAT should happen only in the red zone. Connecting from inside your network should not need a NAT rule, therefore in source I have RED, and it works as expected. I can connect directly from inside my network to the web server running in the orange zone without any problem, while if I connect from the red zone, there is NATting of the traffic, again as expected.

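The log check suggested in the thread (watching /var/log/messages while connecting from outside) can be turned into a small triage step. This is an added example, not part of the original thread or of IPFire: it parses standard netfilter LOG lines and reports how far a connection to the forwarded port got. The interface name `red0`, the log prefixes `DNAT`, `FORWARDFW` and `DROP_*`, and the sample lines are assumptions constructed for illustration.

```python
import re

# Standard netfilter LOG layout: "<prefix> IN=<if> OUT=<if> ... SRC= DST= ... PROTO= SPT= DPT="
LINE = re.compile(
    r"kernel: (?P<prefix>\S+) IN=(?P<inif>\S*) OUT=(?P<outif>\S*) .*?"
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=(?P<proto>\S+) .*?DPT=(?P<dpt>\d+)"
)

# Constructed sample lines (documentation IP ranges); prefixes are assumed, not taken from the thread.
SAMPLE = """\
Jan 10 12:00:01 fw kernel: DNAT IN=red0 OUT= MAC=00:00:00:00:00:00 SRC=198.51.100.7 DST=203.0.113.10 LEN=60 TTL=52 PROTO=TCP SPT=40100 DPT=443
Jan 10 12:00:01 fw kernel: FORWARDFW IN=red0 OUT=green0 SRC=198.51.100.7 DST=192.168.1.50 LEN=60 TTL=51 PROTO=TCP SPT=40100 DPT=443
Jan 10 12:00:05 fw kernel: DROP_INPUT IN=red0 OUT= MAC=00:00:00:00:00:00 SRC=198.51.100.9 DST=203.0.113.10 LEN=60 TTL=52 PROTO=TCP SPT=40222 DPT=22
"""

def triage(log_text, port, red_if="red0"):
    """Classify how far TCP traffic to `port` arriving on the RED interface got.

    Assumes the forward keeps the same port on both sides (443 -> 443, as in the thread).
    """
    stages = set()
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m or m["inif"] != red_if or m["proto"] != "TCP" or int(m["dpt"]) != port:
            continue
        prefix = m["prefix"]
        if prefix.startswith("DROP"):
            stages.add("drop")
        elif prefix.startswith("DNAT"):
            stages.add("dnat")
        elif prefix.startswith("FORWARD"):
            stages.add("forward")
    if not stages:
        # Nothing logged at all: the packets never reached RED (or logging is off),
        # so the fault is upstream of the firewall rule: DNS record, ISP, modem.
        return "not-seen-on-red"
    if "drop" in stages:
        return "dropped-by-firewall"
    if "forward" in stages:
        # The firewall passed the connection; continue on the VM / container side.
        return "forwarded-check-vm"
    return "dnat-without-forward"

if __name__ == "__main__":
    for p in (443, 22, 8443):
        print(p, triage(SAMPLE, p))
```

A result of `not-seen-on-red` matches the symptom described in the first post (no drops, forwards or DNATs logged) and points away from the rule itself.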