Hello,
I want to establish a port forwarding, but as always I am stupid of my stupidity 
Under port forwarding I entered the source and destination port, as well as the local computer.
He writes in the gui that he has entered it, but it does not work, no access from outside.
Property already times the service shorewall (firewall) restarted - no change.
greetings
Gerald
Hi @gerald_FS,
looks correct but is the IP behind Host steuerung.nandlnet.de the internal one? I ask because I could reach steuerung.nandlnet.de via www, itâs a Nethserver 
this is a local computer, which only listens to the udp port. my local domain is also nandlnet.de and a computer has the hostname steuerung
I meant if there is a local ip in the firewall objects page:
Are you able to do other port forwardings? Maybe your provider does firewalling, or you have a router between internet and your port forwarding Nethserver.
I assume the Steuerung is reachable from internal network.
Correctly, internally it is attainable.
My Provider has nothing in between, also the rout which I use gives everything to the NS further.
There, however, the firewall blocks everything.
A host I can not create firewall because this is in the DNS with entry is provided.
âHost Identität wird schon benutztâ (Host identity is already in use)
In which files should this forwarding be deposited?
Property times yesterday times in the directory etc / shorewall looked but these are all empty or have only the standard entries âŚ
Hi @gerald_FS, donât forget that not everyone can easily read german (at least, it seems to me), so if youâre willing to take screenshots for post on forum, maybe should be easier to understand if you login in english on nethgui.
Uppss, right, youâre right!
In the zeal of the fight, I just made a screenshot.
Here are my screenshots:
1x DNS
1x port forwarding
1x Output when creating a host under Firewall Objects
When you do port forwarding you can select the dns hosts and the firewall object hosts.
If you have a host in dns then you canât create a firewall object host with same hostname but you may just take another name in the firewall objects host, important for port forwarding is just the ip address, not the name:
hello thanks for your help!
Exactly the host entry was what was missing.
Somehow it is somewhat illogical that one after the portforwarding, still a host entry in the firewall must create âŚ
But now it is - THANK YOU!
As best practice for object-driven firewall interface, you have to create the âraw materialsâ (object like services, addresess, hosts, subnets) before combine them to create âgoodsâ (firewall rules, routing rules, policy routing).
It will help you a lot when âraw materialsâ will change, because it will apply on every rule you wrote before, without put you in urge to check every single rule/routeâŚ
