Problems in Test Scenario

Hi, I know this is not a normal scenario, but they are tests.
I have put the router in DMZ mode against a virtualized IPFIRE with VirtualBox. So I have some computers on the network and others behind the ipfire.
El caso es que desde los equipos que están detrás de ipfire ( veo los que están antes de el ( , but I can not from the computers connected to router ( see those behind ipfire (
I have created entry rules, but nothing.
Is there any way to do this?

Thank you and forgive my ignorance on firewall issues

Hallo @marivera

Welcome to the IPFire community.

You need to create Port Forward rules for the protocols you are interested in specifying the IP address of the source computer that is on the red side of your virtual IPFIre and the IP address of the destination computer on the green side of your virtual IPFire.
Following IPFire wiki link gives info on creating port forward rules.

I have also set up a vm testbed using virtualbox.

I have a physical IPFire connecting to my ISP’s fibre connection. Then on one of my computers on the green network of that IPFire I have created a virtual IPFire with green, blue and orange interfaces. I have then created 6 virtual computers running arch linux. Two are connected to the virtual IPFire green, two to blue and two to orange,

I use this to evaluate IPFire Core Updates when they are released into Testing stage.

The above works for me and I can access whatever virtual machines I want to from the virtal IPFire red interface (the physical IPFire green lan.

1 Like

Thank you very much for responding.
I had already tried this rule, but without activating the NAT. I have tried again following the manual and I can not respond to a ping from the red port to green, (if from green to red).
In the red network I have telephone terminals and the green one a PBX, which is the one I want to protect. But I can’t get the terminals to see the PBX.
It is curious that if I perform a tracert from red to green, it returns the name of the computer but from the green network ip, it responds that inaccessible computer.
Anyway, as I said before, it is a useless scenario.