How to implement access to a local web server behind NAT through VPS?

U

unsstrennen2021-02-02 03:37:43

System administration

unsstrennen, 2021-02-02 03:37:43

Given: a local network located behind the provider's NAT, there is a raspberry in it, there is a web server on it. It must be accessed from anywhere in the world. I'm not an expert (which is why I'm turning to the community), but it seems that in order for it to work, you need to lay a communication channel between the VPS, which will act as an intermediary, and my server directly. VPS is. I imagine it something like this:

* On the client, I specify the ip of the VPS and a specific port
* The VPS simply somehow magically transfers the data to the web server, passing it through itself.
How can I implement this? I'm probably talking about port forwarding behind the nat provider, but the community knows better here.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

none7, 2021-02-02
@unsstrennen

To get started, raise between raspberry and vps VPN like this .
Run a command on the vps echo 1 > /proc/sys/net/ipv4/ip_forwardso that the kernel redirects network traffic.
In order for the firewall not to block transit traffic

iptables -A FORWARD -o $vps_main_interface -j ACCEPT
iptables -A FORWARD -o $wireguard_interface -j ACCEPT

Basic NAT

iptables -t nat -A POSTROUTING -o $vps_main_interface -j MASQUERADE

Port forwarding

iptables -t nat -A PREROUTING -p tcp -i $vps_main_interface --dport 80 -j DNAT --to $client_ip

.
How to set it up so that everything is saved after a reboot depends on the distribution. Also, this simplified "magic" can break for various reasons, and in order to figure out why this happened, you need it to stop being magic for you.

Z

Zzzz9, 2021-02-02
@Zzzz9

Host website on VPS.