Thanks! It’s working now:)
One last question: Is this guide outdated: (Firewall | Qubes OS)?
It is stated there to create a file in /etc/qubes-rpc/policy/qubes.ConnectTCP rather than /etc/qubes/policy.d/30-remote-admin.policy.
My overall goal is to access dom0 via vnc from the outside world. (I’m aware of the security risks.)
I have configured a wireguard gateway into my local network and want to expose a port of my qubes desktop computer to the local network for vnc access. (so sys-net → sys-firewall → remote-admin) .
Well, because you’re punching a hole so big in this Qubes system then maybe you could run this in sys-net rather than remote-admin and have a way easier time exposing that qube.
Just do the same thing but instead of remote-admin, replace with sys-net. And then find out how you can expose a server on sys-net if it doesn’t aready.