Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
Nikita Parfenovich2015-10-08 10:02:16
linux
Nikita Parfenovich, 2015-10-08 10:02:16

linux. iptables. Redirecting RDP from one server to another. How?

There is office1 with subnet 192.168.6.0. There is office2 with subnet 192.168.4.0.
Office1 has server 192.168.6.12, office2 has server 192.168.4.30. These are 1C servers. office1 and office2 are connected via openvpn, the gateways in the offices are on Debian 7. It is necessary to configure a firewall in both offices so that when clients knock on 192.168.4.30, they get to 192.168.6.12. In office1 I set it up with half a kick, but in office2 it doesn’t work, no matter how perverted with iptables. Suggest a solution, please.

iptables -t nat -A PREROUTING -p tcp -d 192.168.4.30 --dport 3389 -j DNAT --to-destination 192.168.6.12:3389
iptables -t nat -A POSTROUTING -p tcp --dst 192.168.6.12 --dport 3389 -j SNAT --to-source 192.168.4.30
iptables -A FORWARD -d 192.168.6.12 -p tcp --dport 3389 -j ACCEPT

these rules work in office1, but it doesn't work in office2...
networks 192.168.4.0 and 192.168.6.0 see each other

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
N
Nikita Parfenovich, 2015-10-08
@nagibat0r

Thank you all for the answers and comments, I found this solution, on the advice of a friend.
I made a 3rd level domain name, in the domain control panel I just set the necessary ip, and if necessary I will simply change it there. All clients will go to the server just by this domain name.

Report
L
ldv, 2015-10-08
@ldvldv

Clients from office 2 go to 192.168.4.30 directly, not through a router.

Report
S
Sly_tom_cat ., 2015-10-08
@Sly_tom_cat

Is forwarding allowed?
What does
# cat /proc/sys/net/ipv4/ip_forward say
?
if zero, then enable:
# echo "1" > /proc/sys/net/ipv4/ip_forward
# sysctl net.ipv4.ip_forward=1

Report
M
mureevms, 2015-10-08
@mureevms

Attach rules from both gateways indicating their local addresses, as well as which server is the OVPN server.
In general, it is not very clear what these actions with DNAT are for. Do you have local subnets do not see each other? If not, then configure OVPN, not a firewall, and go directly to a remote subnet.

Similar questions
O
OKNOZA2015-06-21 23:31:05
Can I not use NodeJS templating engine? 7Reply
V
Vitaliy Kybych2019-11-17 23:37:33
How to set up wifi adapter in VirtualBox? 4Reply
B
bitkoljas2020-12-06 19:49:50
How is the sound output in Lineage OS 17.1 firmware? 0Reply
A
amg04612020-12-06 20:47:45
Mate from under Debian loses wi-fi, where to dig? 0Reply
S
SysUtils2016-10-20 19:31:24
Setting up Iptables OpenWRT? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question