Jump to content
Not connected, Your IP: 3.147.59.217
AirVPN
Sign in to follow this  
Followers 0
pippinoparrinello

Raspberry gateway portforwading

By pippinoparrinello, ... in Troubleshooting and Problems

Recommended Posts

pippinoparrinello    0

pippinoparrinello
Posted ...

i set up a raspberry as vpn gateway. I would like now to forward all the packets from vpn port 3000 , interface tun0 to a local pc connected to the local lan eth0 with local ip of 192.168.1.80 port 8080. Could someone give me the right iptables rule?

Share this post

Link to post

pippinoparrinello    0

pippinoparrinello
Posted ...

I did as you suggested trying to route port 80 to 192.168.1.1

 

 

sudo iptables -I FORWARD -i tun0 -p udp -d 192.168.1.1 --dport 80 -j ACCEPT

sudo iptables -I FORWARD -i tun0 -p tcp -d 192.168.1.1 --dport 80 -j ACCEPT

sudo iptables -t nat -I PREROUTING -i tun0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1

sudo iptables -t nat -I PREROUTING -i tun0 -p udp --dport 80 -j DNAT --to-destination 192.168.1.1

 

and then i opened using the forwarded port interface of your site

 

62070

 

Protocol: TCP & UDP Local port: 80 DDNS: external Connected to server: Tauri Mapped to public IP: 46.165.208.105

 

NO answare CONTACTING

 

46.165.208.105:62070 Could you please help me further?!

 

Many thanks

Share this post

Link to post

pippinoparrinello    0

pippinoparrinello
Posted ...

I tryied all this different set... none is working

 

SET 1

sudo iptables -I FORWARD -i tun0 -p udp -d 192.168.1.250 --dport 80 -j ACCEPT
sudo iptables -I FORWARD -i tun0 -p tcp -d 192.168.1.250 --dport 80 -j ACCEPT
sudo iptables -t nat -I PREROUTING -i tun0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.250
sudo iptables -t nat -I PREROUTING -i tun0 -p udp --dport 80 -j DNAT --to-destination 192.168.1.250
 
SET2
sudo iptables -A FORWARD -i tun0 -o eth0 -p tcp --syn --dport 80 -m conntrack --ctstate NEW -j ACCEPT
sudo iptables -A FORWARD -i tun0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A FORWARD -i eth0 -o tun0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.250
 
SET3
sudo iptables -t nat -A POSTROUTING --out-interface eth0 -j MASQUERADE
sudo iptables -A FORWARD --in-interface tun0 -j ACCEPT
sudo iptables -t nat -A PREROUTING -p tcp -i tun0 -m tcp --dport 80 -j DNAT --to-destination 192.168.1.250:80

Share this post

Link to post

Staff    9779

Staff
Posted ...

Hello,

 

make sure you have read the reply to your ticket, there is an important information which should help you fix the issue (we see packets reaching your system which are actively rejected).

 

Kind regards

Share this post

Link to post

pippinoparrinello    0

pippinoparrinello
Posted ...

I see connection timeout. probably you see the rejection because my subscription to airvpn ended yesyerday. Now i have a new 3 days subscription. Please test it again. Thanks everybody for the effort

Share this post

Link to post

pippinoparrinello    0

pippinoparrinello
Posted ...

I see connection timeout. probably you see the rejection because my subscription to airvpn ended yesyerday. Now i have a new 3 days subscription. Please test it again. Thanks everybody for the effort

 

 

Base case (no modification) iptables are:

# Generated by iptables-save v1.4.21 on Sun May  1 14:26:26 2016

*filter
:INPUT ACCEPT [290:31586]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [110:8444]
-A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o tun0 -j ACCEPT
-A OUTPUT -o tun0 -m comment --comment vpn -j ACCEPT
-A OUTPUT -o eth0 -p icmp -m comment --comment icmp -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -m comment --comment lan -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 443 -m comment --comment openvpn -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -m comment --comment ssh -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -m comment --comment ntp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -j DROP
COMMIT
# Completed on Sun May  1 14:26:26 2016
# Generated by iptables-save v1.4.21 on Sun May  1 14:26:26 2016
*nat
:PREROUTING ACCEPT [44:5055]
:INPUT ACCEPT [41:4580]
:OUTPUT ACCEPT [55:5869]
:POSTROUTING ACCEPT [41:2931]
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT
# Completed on Sun May  1 14:26:26 2016

Share this post

Link to post

pippinoparrinello    0

pippinoparrinello
Posted ...

I see connection timeout. probably you see the rejection because my subscription to airvpn ended yesyerday. Now i have a new 3 days subscription. Please test it again. Thanks everybody for the effort

 

 

Base case (no modification) iptables are:

# Generated by iptables-save v1.4.21 on Sun May  1 14:26:26 2016

*filter
:INPUT ACCEPT [290:31586]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [110:8444]
-A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o tun0 -j ACCEPT
-A OUTPUT -o tun0 -m comment --comment vpn -j ACCEPT
-A OUTPUT -o eth0 -p icmp -m comment --comment icmp -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -m comment --comment lan -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 443 -m comment --comment openvpn -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 22 -m comment --comment ssh -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -m comment --comment ntp -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -m comment --comment dns -j ACCEPT
-A OUTPUT -o eth0 -j DROP
COMMIT
# Completed on Sun May  1 14:26:26 2016
# Generated by iptables-save v1.4.21 on Sun May  1 14:26:26 2016
*nat
:PREROUTING ACCEPT [44:5055]
:INPUT ACCEPT [41:4580]
:OUTPUT ACCEPT [55:5869]
:POSTROUTING ACCEPT [41:2931]
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT
# Completed on Sun May  1 14:26:26 2016

Share this post

Link to post

Staff    9779

Staff
Posted ...

I see connection timeout. probably you see the rejection because my subscription to airvpn ended yesyerday. Now i have a new 3 days subscription. Please test it again. Thanks everybody for the effort

 

 

Hello,

 

we see refused connections because packets are rejected, otherwise we would have seen timeouts (no replies at all from your client) as you correctly notice, not to mention the fact that your account expiration date was irrelevant: obviously we tested when your client was connected to some VPN server.

 

Kind regards

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...