linux

Iptables: how to redirect TCP/UDP connections from external clients to another external IP?

For my project, I need to set up a transparent proxy host not only for the web server, but also for other TCP/UDP connections (SIP, RDP, etc.) so that these servers are hidden directly from users for increase the level of security.
The configuration should be such that no additional settings are required on the client side. Given the specifics of my infrastructure, standard solutions (Squid, VPN, NAT (External to Internal)) do not suit me.
The specifics of my network:
1. All hosts are distributed territorially (VPS, Dediks) and are interconnected through external interfaces. At the same time, I cannot use private networks offered by providers, because providers are different.
2. Raise the VPN server and connect all hosts to the VPN. This option is not suitable due to a significant increase in delays, as well as problems with VPN support in part of the equipment.
3. Reverse Proxy - as I understand it, this solution involves using only HTTP, HTTPS ports
I think it is possible to implement a "transparent proxy" for TCP / UDP connections between a remote client and server without VPN for various services, using iptables for this scheme:
|remote client|public ip|> <-SIP, RDP, HTTPS-> <|Public IP|Proxy Server|Public IP|> <-SIP, RDP, HTTPS-> <|Public IP|hosts with services (RDP, SIP, VPN.)|
As I understand it, for this I will need the following tables and chains:
PREROUTING:
SNAT
I fight the third day, nothing works. I would appreciate any advice and your opinion - is it possible to implement this for UDP connections?
Thank you.