Question

Redirect port 3389 from eth0 to tun0 (OpenVPN)

Posted March 19, 2020
Firewall

Hello people. I have tried every way I know to redirect a port (3389) of public IP origin through the eth0 interface to the tun0 interface (the virtual VPN network), but it does not work. Has anyone had this problem?

Hugs.

1 comment
  • Route table:

    root@debian-s-1vcpu-1gb-nyc1-01:/etc/openvpn# route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    default         68.183.16.1     0.0.0.0         UG    0      0        0 eth0
    10.10.0.0       *               255.255.0.0     U     0      0        0 eth0
    10.136.0.0      *               255.255.0.0     U     0      0        0 eth1
    68.183.16.0     *               255.255.240.0   U     0      0        0 eth0
    192.168.254.0   192.168.254.2   255.255.255.0   UG    0      0        0 tun0
    192.168.254.2   *               255.255.255.255 UH    0      0        0 tun0
    

    eth0 public IP
    tun0 VPN IP

    iptables for testing:

    #!/bin/bash
    # Flushing all rules
    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X
    
    
    iptables -t nat -A PREROUTING -s 0/0 -m tcp -p tcp --dport 8080 -j DNAT --to-destination 68.183.26.243:80 #working!
    iptables -t nat -A PREROUTING -s 0/0 -m tcp -p tcp --dport 85 -j DNAT --to-destination 192.168.254.10:80  #not work :(
    
    iptables -I INPUT 1  -p tcp --match multiport --port 85,8080 -j ACCEPT
    iptables -I INPUT 2  -p udp --match multiport --port 85,8080 -j ACCEPT
    iptables -I OUTPUT 1 -p tcp --match multiport --port 85,8080 -j ACCEPT
    iptables -I OUTPUT 2 -p udp --match multiport --port 85,8080 -j ACCEPT
    
    echo "1" > /proc/sys/net/ipv4/conf/eth0/accept_redirects
    echo "1" > /proc/sys/net/ipv4/conf/eth0/forwarding
    echo "1" > /proc/sys/net/ipv4/conf/tun0/accept_redirects
    echo "1" > /proc/sys/net/ipv4/conf/tun0/forwarding
    echo "1" > /proc/sys/net/ipv4/conf/all/accept_redirects
    echo "1" > /proc/sys/net/ipv4/conf/all/forwarding
    

    Can someone help me? :(

    I made these same settings on a server that I have here in the company and it worked, but this is not working.
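An added example, not part of the original question or comment: a shell function that prints, without running, a scoped rule set for forwarding one TCP port from the public interface to a host behind the tunnel. It assumes the usual cause of this symptom, that the VPN host does not route its replies back through the tunnel, and so adds a MASQUERADE rule on the tunnel side. The function names and the allowed source range 203.0.113.0/24 are constructed for illustration.

```shell
#!/bin/bash
# Added example: prints (does not run) iptables rules that forward one TCP
# port from a public interface to a host reachable through a VPN tunnel.
# Usage: ./fwd.sh eth0 tun0 85 192.168.254.10:80 203.0.113.0/24 | sudo sh

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

emit_forward_rules() {
    pub_if=$1; tun_if=$2; in_port=$3; dest=$4; src=$5
    host=${dest%:*}; dport=${dest##*:}
    # Reject malformed input instead of emitting a half-built rule.
    if [ "$#" -ne 5 ] || [ "$host" = "$dest" ] || [ -z "$host" ]; then
        echo "usage: emit_forward_rules PUB_IF TUN_IF PORT HOST:PORT SRC_CIDR" >&2
        return 2
    fi
    if ! valid_port "$in_port" || ! valid_port "$dport"; then
        echo "error: ports must be 1-65535" >&2
        return 2
    fi
    # Line 1: enable routing between interfaces.
    # Line 2: DNAT only traffic arriving on the public interface from SRC_CIDR.
    # Lines 3-4: explicit FORWARD allowances (needed once the FORWARD policy
    #            is DROP rather than the ACCEPT used in the test script).
    # Line 5: rewrite the source to the tunnel address so replies come back
    #         through the tunnel (assumed cause of the failure).
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i $pub_if -s $src -p tcp --dport $in_port -j DNAT --to-destination $host:$dport
iptables -A FORWARD -i $pub_if -o $tun_if -s $src -d $host -p tcp --dport $dport -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $tun_if -o $pub_if -s $host -p tcp --sport $dport -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $tun_if -d $host -p tcp --dport $dport -j MASQUERADE
EOF
}

# When called with arguments, print the rules for review.
if [ "$#" -gt 0 ]; then emit_forward_rules "$@"; fi
```

With MASQUERADE in place the VPN host sees the tunnel address as the client, so its own logs no longer show the real source IP; the source restriction on the PREROUTING rule keeps a service such as RDP on 3389 from being reachable by the whole internet.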

0 answers