How to forward the iptabless port to the network behind the VPN?

D

Dima Petrov2016-09-11 14:51:05

VPN

Dima Petrov, 2016-09-11 14:51:05

How can I forward a port to the network for vpn.
the scheme is as follows:
incoming connection -> my external ip -> vpn -> local network -> end device
If I understand correctly, it is necessary that the packet be transmitted from my local adapter.
But something didn't work out.
Help me please.
Thank you.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dima Petrov, 2016-09-29
@sajor2006

it turned out to do this by
throwing the port
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 58423 -j DNAT --to-destination 172.16.74.80 (local network behind vpn): 80
I replace the ip from which
iptables -t nat access -I POSTROUTING 1 -p tcp --dst 172.16.74.80 --dport 80 -j SNAT --to-source 172.17.1.1
Thanks.

Y

younghacker, 2016-09-25
@younghacker

The diagram is not clear.
As I see it: A packet arrives at your public IP, then for some reason it gets into the VPN, after it it goes to the local network and finds the end device there. A VPN is enabled between your IP and the local network, although it is usually enabled between external public IPs when transmitting information over other people's communication lines.
I'll try to guess the scheme and the problem.
You are trying to connect outside via VPN to get to a device that knows nothing about your existence. I am clarifying. You come from a network, say, with addresses 10.0.0.0/24, and the device is connected to a network with an address space of 192.168.1.0/24.
Questions:
There are two ways:
1) configure routing
2) configure port forwarding or DMZ
tcpdump will reveal all the secrets of networks to you.