
Re: [Xen-users] Xen forwarding port to VM



Codecr wrote:
> Hi!!
> 
> I've been using Xen with great success; now I want to expose a port in one VM
> to the outside world. The VM is a Windows 2003 server and I want to open
> port 3389.
>
> I have been searching but I can't find the rule that I need to add to
> iptables to do so. The interface for the VM is vif9.0 with internal IP
> 192.168.1.77. Xen is running in bridge mode.

If you're running in bridge mode, domU should have its own MAC address
and IP address, and shouldn't really be affected by iptables rules,
unless you're blocking all net traffic to the virtual interface (which
your rules don't seem to be doing).  Check that the virtual device
exists and can be seen from the outside world (i.e. ping it, nmap it,
etc.).  If these work, then the lack of RDP on the Windows server is due
to the Windows config, not the Dom0 config.

If you're actually using NAT, then you probably need to use the PRE
and POSTROUTING tables.  The following should be enough to get it all
working:

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.77 -j MASQUERADE

iptables -A PREROUTING -t nat -p tcp -i eth0 --dport 3389 -j DNAT --to-destination 192.168.1.77:3389

Note that this will 'redirect' 3389 from dom0 to the IP of the
appropriate domU.


Matthew



The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.