Port forwarding on OpenVPN
So I am in the process of making a VPN service with multiple locations.
So far added:
USA - New Jersey
USA - LA
Netherlands
France
Germany
UK
Japan
The issue I am having is port forwarding, as at the moment I have this command, which is being sent from our main site to the API and then to the servers:
iptables -t nat -A PREROUTING -p tcp --dport '.$port.' -j DNAT --to-destination '.$internalip.'; iptables -A FORWARD -s '.$internalip.' -p tcp --dport '.$port.' -j ACCEPT; service iptables save; service iptables reload'
This should allow port forwarding on the port of the VPN to the internal IP, i.e. the client.
My server.conf is
local ***.***.***.** #- my ip server IPs here
port 1194 #- port
proto udp #- protocol
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push redirect-gateway def1
push dhcp-option DNS 8.8.8.8
push dhcp-option DNS 8.8.4.4
keepalive 5 30
comp-lzo
persist-key
persist-tun
verb 3
reneg-sec 0
Any ideas as to why it won't seem to port forward?
Comments
I think in "--to-destination local-IP" you also need to place the port:
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination IP:80
A few things. You set your OpenVPN config to use udp, but you are only forwarding tcp traffic with iptables?
Also, did you set your outgoing rules?
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
And forwarding between interfaces?
PM me your script. Piece of cake.
So for example here are the functions.
What should be the correct command to open and close ports?
function openport($sship, $sshport, $username, $password, $internalip, $port) {
    $connection = ssh2_connect($sship, $sshport);
    ssh2_auth_password($connection, $username, $password);
    $cmd = ssh2_exec($connection, 'screen -dmS '.$_SESSION['username'].' & iptables -t nat -A PREROUTING -p tcp --dport '.$port.' -j DNAT --to-destination '.$internalip.'; iptables -A FORWARD -s '.$internalip.' -p tcp --dport '.$port.' -j ACCEPT; service iptables save; service iptables restart');
}

function closeport($sship, $sshport, $username, $password, $internalip, $port) {
    $connection = ssh2_connect($sship, $sshport);
    ssh2_auth_password($connection, $username, $password);
    $cmd = ssh2_exec($connection, 'screen -dmS '.$_SESSION['username'].' & iptables -t nat -A PREROUTING -p tcp --dport '.$port.' -j DNAT --to-destination '.$internalip.'; iptables -A FORWARD -s '.$internalip.' -p tcp --dport '.$port.' -j ACCEPT; service iptables save; service iptables reload');
}
Incomplete script. It is very hard to troubleshoot what is wrong but the function is in the script. We will have to look at everything to troubleshoot.
The commands are sent; all I need is the right commands.
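
One way to build the open and close rules on the VPN server itself, so the web side passes four validated arguments instead of a concatenated command string (an added example, not code from anyone in this thread). It assumes eth0 is the public interface as in the MASQUERADE rule above, the 10.8.0.0/24 pool from server.conf, and a hypothetical policy of ports 1024-65535 excluding the OpenVPN port 1194; it prints the rules rather than applying them, so it runs without root.

```shell
#!/usr/bin/env bash
# Added example: emit validated iptables rules for one client port forward.
# Assumptions (not from the thread's scripts): eth0 is the public interface,
# clients live in 10.8.0.0/24, and only ports 1024-65535 except 1194 are allowed.
WAN_IF="${WAN_IF:-eth0}"
VPN_PREFIX="10.8.0."          # from "server 10.8.0.0 255.255.255.0"

# valid_port PORT -> 0 only for a plain decimal port inside the allowed range
valid_port() {
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1024 ] && [ "$1" -le 65535 ] &&
        [ "$1" -ne 1194 ]      # never redirect the OpenVPN listener itself
}

# valid_client IP -> 0 only for 10.8.0.2 .. 10.8.0.254
valid_client() {
    _host=${1#"$VPN_PREFIX"}
    [ "$_host" != "$1" ] || return 1          # prefix did not match
    case "$_host" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#_host}" -le 3 ] && [ "$_host" -ge 2 ] && [ "$_host" -le 254 ]
}

# portfw_rules open|close tcp|udp PORT CLIENT_IP
# Prints the two iptables commands; prints nothing and returns 1 on bad input.
portfw_rules() {
    case "$1" in open) _op=-A ;; close) _op=-D ;; *) return 1 ;; esac
    case "$2" in tcp|udp) ;; *) return 1 ;; esac
    valid_port "$3" && valid_client "$4" || return 1
    # Only packets arriving on the public interface are rewritten to the client.
    echo "iptables -t nat $_op PREROUTING -i $WAN_IF -p $2 --dport $3 -j DNAT --to-destination $4:$3"
    # After DNAT the client is the destination (-d), not the source (-s).
    echo "iptables $_op FORWARD -i $WAN_IF -d $4 -p $2 --dport $3 -j ACCEPT"
}
```

Called as, for example, `portfw_rules open tcp 5000 10.8.0.6`; `close` emits the same two rule specifications with -D, so the rules added by `open` are the ones removed.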