Make web server on green LAN publicly accessible

I already have a nethserver server running, I have a case, in the lan green network there is a web server, I need that server to have public access, and probe with port redirection, snat, it doesn’t work, the public ip that you will use is added as an alias virtual on the network
I hope you tell me how to fix it.
Thank you.
Pol C.


Welcome to our forum!

The easiest way would be to use reverse proxy, available under software center.

Depending on the type of webserver and what’s running on it, a simple path redirection may suffice, or you might need a virtual domain redirection. Nethserver can do both.


Simple version:

Your Webserver has a Web-App in subdirectory /webapp/. Just forward that directory (Without any slashes) to http://YOUR-IP/webapp/

Domain Redirection:

Say you have a CRM Webserver running under Forward the whole Domain to http://YOUR-IP/.

PS: These instructions are specifically for the 980 interface, not cockpit (haven’t tested the new cockpit yet on this…)

Hope that helps

Grateful for your support.
My problem is something else, I explain.
I have a network and 4 aliases five ips, configure a dmz in another segment, in the dmz there is a zimbra server, to be able to that zimbra I do PORT FORWADING WITH THE FIRST PUBLIC IP THAT USES THE RED RED CARD, leaving the four public ips available, now I need externally to reach some tcp ports of two computers that are in the lan green network, such as 80, 80, 1151, 1158, etc ,.
Configure the same PORT FORWARDING for the other public ips and my internal ips, but I can’t get from outside, only with those ips I only get to the FW.
That I am missing, I must open ports in the Fw, some recommendation.
Thank you.
Pol. C.


Understand your situation better now.

However, I use almost at all my clients the open source Firewall OPNsense. That can do what you need easily and can also run as a virtual machine.

What you need is 1:1 NAT, not 1:N, also known as NAT with Port Forwarding.

NethServer can do both forms of NAT, but I can’t really help you here…

My 2 cents



If you’re willing to try using OPNsense as the firewall, and let your NethServer be NethServer without firewalling headaches, i’m willing to walk you thru.
If in a virtual environment, this would take about one hour.
If this is a physical environment, you’d need a box with 3 (or more) NICs.

OPNsense is like NethServer completly open source, there is no paid enterprise version. It’s all completly free! You can always donate, if you find this helps your daily work or at home, but that’s up to you.

OPNsense is a fork of PFsense, itself a fork of M0n0wall. The creator of the now dead monowall project himself points to OPNsense, NOT pfSense…

OPNsense specializes in Firewalling, and makes most stuff fairly easy, considering the complexities in Firewalling, routing and auditing all that…

My 2 cents

You can add the alias IPs to the Nethserver configuration in the network settings:


…and then you can choose the (alias) IPs in the port forward:

This way it should be possible to forward traffic over specific WAN (alias) IPs to internal hosts.