Staff 10082 Posted ... HOW TO FORWARD PORTS TO YOUR DEVICES WITH IPTABLES You need to create a basic DNAT on your router. Remember that the router GUI usually forwards ports from the WAN to LAN. When connected to the VPN you must forward ports from TUN interface to the final destination. Therefore, it is important that you do not forward ports through the GUI of the router. Assuming that: destIP is the IP address of the destination device port is the port you wish to forward to that device tun1 is the tun interface of your router (please check! on some routers it can be tun0, on Tomato it can be tun11) you need to forward both TCP and UDP packets you need to add the following rules. Please note that the following rules do NOT replace your already existing rules, you just have to add them. iptables -I FORWARD -i tun1 -p udp -d destIP --dport port -j ACCEPT iptables -I FORWARD -i tun1 -p tcp -d destIP --dport port -j ACCEPT iptables -t nat -I PREROUTING -i tun1 -p tcp --dport port -j DNAT --to-destination destIP iptables -t nat -I PREROUTING -i tun1 -p udp --dport port -j DNAT --to-destination destIP Note: if your router firmware iptables supports the multiport module you can use --match option to make your rules set more compact. Please see here, thanks to Mikeyy https://airvpn.org/topic/14991-asuswrt-merlin-multiple-ports/?do=findComment&comment=31221 Kind regards 14 1 1 TheFURY-187, aeronut, airvpnmember and 13 others reacted to this Share this post Link to post
Not connected, Your IP: 3.145.96.41 Not connected, Your IP: 3.145.96.41
Online: 29383 users - 371048 Mbit/s total BW.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png){kind=avatar}
