I've been trying to NAT HTTPS traffic on an external IP (say debianIP1) to an internal IP (say debianIP2) based on several examples/guides, like:
How to do port forwarding/redirecting on Debian?
http://jensd.be/343/linux/forward-a-tcp-port-to-another-ip-or-port-using-nat-with-iptables
Unfortunately, I'm not able to get it working. This is what I do on debianIP1:
/etc/sysctl.conf file, net.ipv4.ip_forward = 1 (IPv4 portforwarding enabled)
Commands:
iptables -t nat -A POSTROUTING -o venet0:0 -j MASQUERADE
iptables -t nat -A PREROUTING -i venet0:0 -p tcp --dport 443 -j DNAT --to debianIP2:443
iptables -A FORWARD -i venet0:0 -p tcp --dport 443 -d debianIP2 -j ACCEPT
When on debianIP1, and I perform:
telnet debianIP2 443 - I can see I'm connected
telnet localhost 443 - I get connection refused
venet0:0 is used as this is the only interface that shows an external IP (other is venet0 and lo). Including venet0 for venet0:0 provides the same result.
Can somebody tell me what I'm missing?
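Added example, not part of the original post: a small lint over iptables-save output that flags two points where netfilter behaves differently from what the rules above assume. Interface matches (-i/-o) compare against the device name, so an address alias such as venet0:0 never matches, and connections generated on debianIP1 itself (the local telnet test) traverse the nat OUTPUT chain rather than PREROUTING. The sample ruleset is constructed, 192.0.2.10 stands in for debianIP2, and lint_dnat is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample in iptables-save format, mirroring the three rules
# from the post. 192.0.2.10 is a placeholder for debianIP2.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i venet0:0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.0.2.10:443
-A POSTROUTING -o venet0:0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -d 192.0.2.10/32 -i venet0:0 -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT'

# lint_dnat RULES PORT
# Prints one finding per line:
#   alias-interface TABLE CHAIN IFACE  rule matches on an alias label, not a device
#   no-output-dnat PORT                DNAT exists in PREROUTING only, so locally
#                                      generated connections are never rewritten
lint_dnat() {
    rules=$1
    port=$2
    printf '%s\n' "$rules" | awk -v port="$port" '
        /^\*/ { table = substr($0, 2); next }      # "*nat", "*filter", ...
        /^-A / {
            # Flag -i/-o arguments that contain ":" (alias labels).
            for (i = 3; i < NF; i++)
                if (($i == "-i" || $i == "-o") && $(i + 1) ~ /:/)
                    printf "alias-interface %s %s %s\n", table, $2, $(i + 1)
            # Record which nat chains carry a DNAT rule for the port.
            if (table == "nat" && $0 ~ /-j DNAT/ && $0 ~ ("--dport " port "( |$)")) {
                if ($2 == "PREROUTING") pre = 1
                if ($2 == "OUTPUT") out = 1
            }
        }
        END { if (pre && !out) print "no-output-dnat " port }'
}

# Run against the constructed sample; on a live host, pass "$(iptables-save)".
lint_dnat "$SAMPLE_RULES" 443
```

A no-output-dnat finding means the PREROUTING rule can only be exercised from another host connecting to debianIP1 on port 443, not from debianIP1 itself.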