
The context:

I'm working with Zabbix Server and need to monitor remote servers connected through a VPN/SSL tunnel using OpenFortiVPN, with an Any-Any rule set by our external datacenter provider.

Local IP of Zabbix Server: 192.168.2.6/24

Remote IP of monitored server: 10.0.0.1 (available from the VPN/SSL tunnel, as said)

Zabbix dropped packets from the ppp0 interface (created by the openfortivpn connection), but I have successfully established an ssh port forward from 10.0.0.1:10050 to 192.168.2.6:10056, configuring the 10.0.0.1 Zabbix agent with itself as server (server=10.0.0.1). On the Zabbix server side (192.168.2.6), I have created a host with agent IP 192.168.2.6 on local port 10056, and I have got the Zabbix server obtaining the 10.0.0.1:10050 agent data at 192.168.2.6:10056.

The question and request for help is:

The ssh command line I have used is (with certificate authentication):

ssh -L 192.168.2.6:10056:10.0.0.1:10050 root@10.0.0.1 -o ServerAliveInterval=60

How can I translate this functional ssh port forwarding (and cheating) rule to an iptables or firewall-cmd (preferred) rule, considering I have the fully functional VPN/SSL tunnel established?

Your help will be greatly appreciated since I have no experience in doing something like this with firewall-cmd or iptables and all my experiments have failed.

Bests,

René

renix