Port forwarding within the same server: [sourcecode]firewall-cmd --add-forward-port=port=port-number:proto=tcp|udp|sctp|dccp:toport=port-number[/sourcecode] example: [sourcecode]firewall-cmd --add-forward-port=port=8080:proto=tcp:toport=80[/sourcecode] where:

• port=8080 comes from client: :8080
• proto=tcp uses tcp as the protocol
• toport=80 comes to :80

for persistent connection, you must add --runtime-to-permanent option. [sourcecode]firewall-cmd --runtime-to-permanent[/sourcecode] check your all firewalld settings to make sure everything is fine [sourcecode]firewall-cmd --list-all[/sourcecode] example:

public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 eth1
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports: port=8080:proto=tcp:toport=80:toaddr=
source-ports:
icmp-blocks:
rich rules: