This is a simplified description of the development environment at work and I am trying to configure it to facilitate developers using it.

## Topology:
The topology of my setup is illustrated below. Description:

 1. I have 2 virtual machines (vm1 and vm2) running on my bare metal server bm1.
 2. I have a web server (listening on port 8080) running on vm1.
 3. I have a public facing router i.e. a public IP with a DNS name, say, www.mysite.com (IP: 10.1.2.3)
 4. The public facing router has been configured to forward any traffic coming for port 9080 to bare metal server bm1 (192.168.2.51)

## Requirement:
I need to be able to reach the web server (vm1-ws1) using the DNS name from both the bare metal server (bm1) and the virtual machines (vm1, vm2) over port 9080 i.e. ```curl http://www.mysite.com:9080``` should work from both the bare metal server as well as the VMs.

## Solution attempted:
 1. I verified that the web server is reachable from both the bare metal and the VMs using the private IP address i.e. ```curl http://192.168.121.29:8080``` works from both the bare metal server and the VMs.
 2. I configured IP table rules as:
```
iptables -t nat -I PREROUTING -p tcp --dport 9080 -j DNAT --to 192.168.121.29:8080
iptables -I FORWARD -d 192.168.121.29 -o virbr1 -j ACCEPT
```
 3. After adding the IP table rules, I can access the web server from the VMs but not from the bare metal server. In other words, ```curl http://www.mysite.com:9080``` works from the VMs but not from the bare metal. It hangs and then times out.

Kindly help me understand where I might be going wrong with the iptables rules config.


[![Image of my setup][1]][1]

  [1]: https://i.sstatic.net/FLmI54Vo.png