I'm running an OpenVPN server on my VPS with a public IP. There is a backend server connected to the VPN. These are the IPs on the VPN: VPS: 10.8.0.1, backend server: 10.8.0.2.
eth0 is the public interface, tun0 is the VPN interface.
Now, I'd like to forward, for instance, port 22 on the backend server to port 2200 on the VPS. Here is what I did on the VPS (based on several tutorials and already asked questions):
- opened port 2200
- enabled IPv4 forwarding
- put this into /etc/ufw/before.rules (yes, I'm using ufw and it works correctly):
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 2200 -j DNAT --to-destination 10.8.0.2:22
-A POSTROUTING -d 10.8.0.2 -p tcp --dport 22 -j SNAT --to-source VPS-public-IP:2200
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
Reloaded ufw or even rebooted everything...
Tried other solutions, commenting some lines out (such as the first POSTROUTING rule above). Nothing -obviously- helped.
Output of nmap VPS-public-IP -p 2200 says the port is 'filtered', and when I try to ssh to port 2200, it just hangs and does nothing. I don't even get any error. That also happens when I try to ssh from the VPS to the backend server over the VPN (which normally works). What am I missing?
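
A small tracer for the three nat rules in the question, added here as an example and not part of the original post: it shows which rule a packet matches in each chain and what addresses it leaves with. The routing decision (10.8.0.0/24 via tun0, otherwise eth0), the sample packets, the fixed `tcp` protocol and the `addr-of-<iface>` stand-in for MASQUERADE are assumptions.

```python
import ipaddress
# nat rules copied from the question; "VPS-public-IP" is its own placeholder.
RULES = """\
-A PREROUTING -i eth0 -p tcp --dport 2200 -j DNAT --to-destination 10.8.0.2:22
-A POSTROUTING -d 10.8.0.2 -p tcp --dport 22 -j SNAT --to-source VPS-public-IP:2200
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
"""

def parse(text):
    return [dict(zip(t[0::2], t[1::2])) for t in map(str.split, text.splitlines())]

def in_net(addr, spec):
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)

def matches(rule, pkt):
    checks = {
        "-i": lambda v: pkt["iif"] == v,
        "-o": lambda v: pkt["oif"] == v,
        "-p": lambda v: pkt["proto"] == v,
        "--dport": lambda v: pkt["dport"] == int(v),
        "-s": lambda v: in_net(pkt["src"], v),
        "-d": lambda v: in_net(pkt["dst"], v),
    }
    return all(test(rule[opt]) for opt, test in checks.items() if opt in rule)

def traverse(pkt, chain, rules):
    # NAT targets terminate the chain, so only the first matching rule applies.
    for r in rules:
        if r["-A"] == chain and matches(r, pkt):
            if r["-j"] == "MASQUERADE":  # source becomes the outgoing interface's address
                pkt["src"] = "addr-of-" + pkt["oif"]
            else:  # DNAT rewrites the destination pair, SNAT the source pair
                dnat = r["-j"] == "DNAT"
                host, port = r["--to-destination" if dnat else "--to-source"].rsplit(":", 1)
                pkt.update(zip(("dst", "dport") if dnat else ("src", "sport"), (host, int(port))))
            break
    return pkt

def nat(pkt, rules=parse(RULES)):
    # Assumed routing: the VPN subnet leaves via tun0, everything else via eth0.
    pkt = dict(pkt, proto="tcp", oif=None)
    if pkt["iif"]:  # locally generated packets (iif=None) skip nat PREROUTING
        traverse(pkt, "PREROUTING", rules)
    pkt["oif"] = "tun0" if in_net(pkt["dst"], "10.8.0.0/24") else "eth0"
    return traverse(pkt, "POSTROUTING", rules)

# Constructed sample packets (documentation addresses), not taken from the post.
CLIENT = dict(src="203.0.113.7", sport=51000, dst="VPS-public-IP", dport=2200, iif="eth0")
LOCAL = dict(src="10.8.0.1", sport=40000, dst="10.8.0.2", dport=22, iif=None)
```

`nat(CLIENT)` and `nat(LOCAL)` both leave tun0 with source `VPS-public-IP:2200`, because the SNAT rule has no interface or source match and so also applies to ssh started on the VPS itself.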