opening ports using firewalld
 

Dear Forum
I have a fedora 20 router. I'm trying to configure NAT for our LAN to WAN connection. I can access our Linux cloud from our LAN just fine and a VM Linux Console just fine. But from a remote sight over the WAN I cannot access the Linux VM Console. I can access the VM Client but not the Linux VM over the WAN. I ran a port scan and found only ports 22 and 8080 were open on the router. I have port forwarding set to 140.xxx.xxx.xxx:8080 -> 192.xxx.xxx.xxx:9443 which gets me to the VM Center Host. I believe I also need the following ports open: 902/tcp, 903/tcp, and 7331/tcp to have access to the console. I thought I opened these ports on the external zone, but when I port scan they are closed and only 22 and 8080 are open.

Can anyone shed some light on the proper config for setting ports 902, 903, and 7331 open permanent on the external zone or should it be the trusted zone?

Thanks,
RonM

when you figure it out, please let me know. on my CentOS v7 system i had to disable firewalld in order for plex, minecraft, and NFS to share via the LAN. thankfully im behind a rather robust hardware firewall/router, but still would like to have my firewalld just function like IPTables. If i cant figure it out soon, ill disable firewalld totally and activate IPTables and IPv6Tables as I know they work and how they work.

firewall-cmd for command-line setting changes.

The fedora 20 firewall gui (firewall-config from command line) is pretty simple. btw, I use xfce.

doug while that is supposed to work, it does not.

see below:

https://www.linuxquestions.org/quest...v7-4175516086/

I don't use NFS specifically, but I haven't had any problems opening ports with firewall-cmd. Don't forget you need to do the same firewall-cmd call without the --permanent if you want to see the change in the current runtime configuration. Same with the GUI, you need to change both the runtime and the permanent configurations.