I'm trying to give public access from outside my network to a specific device (10.1.1.12) inside my network, using port 5000.
I have a PC acting as a firewall between my gateway and the devices inside my network, so I need to change that PC's iptables. That PC acting as firewall has two interfaces: eth0 (10.1.1.1) and eth1 (192.168.1.5).
The incoming traffic from outside will come from eth1 (192.168.1.5) and I just need to forward it to eth0 (10.1.1.1) because, at the moment, I've already set the forwarding from 10.1.1.1 to 10.1.1.12 (the final device) and it's working fine.
Searching on the web, I tried to set the next two iptables rules, without success:
iptables -A FORWARD -p tcp --destination-port 5000 --in-interface eth1 -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp --destination-port 5000 --out-interface eth0 -j MASQUERADE
Then, I tried to set the next iptables rule, also unsuccessful:
iptables -t nat -A PREROUTING -p tcp --destination-port 5000 --in-interface eth1 -j MASQUERADE
In conclusion, if I type in a browser 10.1.1.1:5000 from inside my network, I can access 10.1.1.12, so that forwarding is working fine. But if I type in a browser my.public.i.p:5000 from outside my network, I get an ERR_ADDRESS_UNREACHABLE, so the forwarding between eth1 and eth0 is not working fine.
Some help will be appreciated. Thanks.
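An added example, not part of the original post: none of the rules above rewrites the destination address, and iptables accepts MASQUERADE only in the nat POSTROUTING chain, so the sketch below builds a DNAT-based forward for the interfaces, address and port given in the post and prints the commands for review before anything is applied. The function names and the DRY_RUN switch are assumptions of this example; it also assumes that 10.1.1.12 sends its replies back through 10.1.1.1 and that the upstream gateway already passes TCP port 5000 to 192.168.1.5.

```shell
#!/bin/sh
# Added example, not from the original post. Interfaces, addresses and port
# are the post's; function names and the DRY_RUN switch are assumptions.
DRY_RUN=${DRY_RUN:-1}   # 1 = only print the commands, 0 = run them (root)

WAN_IF=eth1             # faces the gateway (192.168.1.5)
LAN_IF=eth0             # faces the internal network (10.1.1.1)
TARGET=10.1.1.12        # internal device being published
PORT=5000

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# iptables accepts DNAT only in nat PREROUTING/OUTPUT and MASQUERADE only in
# nat POSTROUTING. Returns 0 = accepted, 1 = rejected, 2 = target not covered.
nat_target_ok() {       # usage: nat_target_ok CHAIN TARGET
  case "$2:$1" in
    DNAT:PREROUTING|DNAT:OUTPUT|MASQUERADE:POSTROUTING) return 0 ;;
    DNAT:*|MASQUERADE:*) return 1 ;;
    *) return 2 ;;
  esac
}

forward_rules() {
  nat_target_ok PREROUTING DNAT || return 1
  run sysctl -w net.ipv4.ip_forward=1
  # Rewrite the destination before the routing decision is made.
  run iptables -t nat -A PREROUTING -i "$WAN_IF" -p tcp --dport "$PORT" \
    -j DNAT --to-destination "$TARGET:$PORT"
  # Admit only this flow from WAN to LAN, and only its replies back out.
  run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -p tcp -d "$TARGET" \
    --dport "$PORT" -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
  run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -p tcp -s "$TARGET" \
    --sport "$PORT" -m conntrack --ctstate ESTABLISHED -j ACCEPT
}

forward_rules
```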