Staff 9971 Posted ... HOW TO FORWARD PORTS TO YOUR DEVICES WITH IPTABLES You need to create a basic DNAT on your router. Remember that the router GUI forwards ports from the WAN to LAN. When connected to the VPN you must forward ports from TUN to LAN. Therefore, it is imperative that you do NOT forward ports in the GUI of the router. Assuming that:destIP is the IP address of the destination deviceport is the port you wish to forward to that devicetun1 is the tun interface of your router (please check! on some routers it can be tun0, on Tomato it can be tun11)you need to forward both TCP and UDP packetsyou need to add the following rules. Please note that the following rules do NOT replace your already existing rules, you just have to add them. iptables -I FORWARD -i tun1 -p udp -d destIP --dport port -j ACCEPTiptables -I FORWARD -i tun1 -p tcp -d destIP --dport port -j ACCEPTiptables -t nat -I PREROUTING -i tun1 -p tcp --dport port -j DNAT --to-destination destIPiptables -t nat -I PREROUTING -i tun1 -p udp --dport port -j DNAT --to-destination destIP Note: if your router firmware iptables supports the multiport module you can use --match option to make your rules set more compact. Please see here, thanks to Mikeyy https://airvpn.org/topic/14991-asuswrt-merlin-multiple-ports/?do=findComment&comment=31221 Kind regards 14 1 1 wombat, Jumping, JAC-Render and 13 others reacted to this Share this post Link to post
Not connected, Your IP: 18.118.19.123 Not connected, Your IP: 18.118.19.123
Online: 25200 users - 316054 Mbit/s total BW.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png){kind=avatar}
