Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    Is reverse VPN possible?
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    Is reverse VPN possible?

    I want to forward specific port (443,80) to my local server. Is it possible?

    TL dr, my domain > my VPN ip > my pc (connected to VPN)

    Thanked by 1receivedthanks

    Comments

    • sibapersibaper Member
      edited October 10

      yeah, I do that to access my dynamic ip at home.

      just a simple iptables forwarding

      We only support unsupported OS!

    • Question is unclear. Sounds like HAProxy.

      Thanked by 1receivedthanks
    • Yes, it is possible. Of course, you should set up the proxy (nginx, haproxy, etc) in your VPN server.

      Thanked by 1receivedthanks
    • hwthwt Member

      you might be interested in something like https://ngrok.com

      Thanked by 1receivedthanks
    • FrankZFrankZ Member
      edited October 10

      You can do this a couple of different ways...
      As some have suggested above, you can use a reverse proxy if all you wish to do is have a fixed IP for your domain, if you do not have a fixed IP at home. This will probably give you the best performance, with the least setup and maintenance issues.

      As you asked the question, I am going to assume that you already have a tunnel between your VPS and your home server. If this is correct you would need to add IPtable rules to your "nat" table on the VPS as @sibaper suggested. Something like:

      -A PREROUTING -p tcp -m tcp -d <your VPS IP> --dport 80 -j DNAT --to-destination <Your VPN IP at the home server>:80
      -A POSTROUTING -s <Your VPN IP at the home server> -j SNAT --to <your VPS IP>
      

      And to the forward table something like:

          -A FORWARD -i <VPN Interface Name (ie: vpn1)> -j ACCEPT
          -A FORWARD -o <VPN Interface Name> -j ACCEPT
      

      You would also need to add a routing table (or change the default route) to/on your home server so as to have the home server send traffic back through the tunnel.

      Edit: Added forward table.


      No

    • iirc someone mentioned tinc for these kind of stuff before.
      e.g. if you get 10.10.10.1 for your VPS and 10.10.10.2 for your home, just set NGiNX to proxy to 10.10.10.2

    • yokowasisyokowasis Member
      edited October 10

      I don't really know what is the right term for this case.

      Basically I connect my home pc to my open VPN server. And then I want to forward some port from my vps to my pc, e.g. 80, 443. So when people open my vps ip from the browser, it will be forwarded to my local pc.

      Thanked by 1receivedthanks
    • @hwt said:
      you might be interested in something like https://ngrok.com

      Yes. This is what I am looking for. Any way to make this possible trough self hosted? What's is the term of this? haProxy (I don't even know what is this)?

      Thanked by 1receivedthanks
    • @yokowasis said:
      I don't really know what is the right term for this case.

      Basically I connect my home pc to my open VPN server. And then I want to forward some port from my vps to my pc, e.g. 80, 443. So when people open my vps ip from the browser, it will be forwarded to my local pc.

      I haven't done this myself, but in theory you can set up a tinc VPN (think of this as some kind of router. It should make a LAN network between your VM and your home PC). Then, you can just use nginx proxy_pass to http://your-home-pc-tinc-ip

    • Hey, It seems I have right tutorial what you want to achive.
      it's mine, so it is used Indonesia language
      https://blackhiden.blogspot.com/search?q=openvpn
      just scroll down (or maybe you're interested with other tutorial).

      Thanked by 1receivedthanks
    • @blackhiden said:
      Hey, It seems I have right tutorial what you want to achive.
      it's mine, so it is used Indonesia language
      https://blackhiden.blogspot.com/search?q=openvpn
      just scroll down (or maybe you're interested with other tutorial).

      https://blackhiden.blogspot.com/2017/12/port-forwarding-ke-arah-openvpn-client.html

      Thanked by 1receivedthanks
    • @blackhiden said:
      Hey, It seems I have right tutorial what you want to achive.
      it's mine, so it is used Indonesia language
      https://blackhiden.blogspot.com/search?q=openvpn
      just scroll down (or maybe you're interested with other tutorial).

      Thanks. Appreciate it. Probably what I am looking for.

      Thanked by 1receivedthanks
    • Very possible using tinc :)

      I'm using a vps as tinc server, and pc connected as tinc client. So when someone open a domain as explorer.domain.com -- internal tinc ip which is a pc with port.

      I used to run a cryptocurrency blockcain explorer from my pc or from virtualbox. Search for tutorial "tinc" on my blog

    • yokowasis said: Yes. This is what I am looking for. Any way to make this possible trough self hosted? What's is the term of this? haProxy (I don't even know what is this)?

      While ngrock cannot be self hosted, I'm using this one.

      https://github.com/localtunnel/localtunnel

      Also, this has some limited-free version.

      http://serveo.net/#self-host

      Thanked by 1receivedthanks

      time wasters please dont comment as we are a serious buyer
      Programmer trying to do Logo Designs

    • JanevskiJanevski Member
      edited October 10

      It is potassible.

      Establish layer 2 vpn connection, in any direction you can, assign networks and route traffic whichever way you want.

      Thanked by 1receivedthanks

      You are dreaming. | And it's a nightmare. | THE SECRET THREAD | THE TRUTH | HAVES YOU SEEN THIS YURA?

    • I have several reverse-VPN's setup on Android phones to allow me to use their 4G connection as a remote/local reverse proxy via IP-over-DNS. iodine is incredibly easy to setup (even more so than OpenVPN-server).

      Follow these instructions for setup https://jmpesp.me/dns-tunnelling-with-iodine/

      Thanked by 1receivedthanks

      </script> ;-P

    • I just setup the ssh reverse tunnel using autossh when I need a temp solution.

      If the server you have is Linux its very straight forward. Just have a server with static ip and key based ssh auth ready and open the required ports on your firewall in your case its 443, 80.

      Then in you local server try logging into the server using the following command.

      autossh -M 29001 -f -N -R 443:localhost:443 -R 80:localhost:80 [email protected]<server IP>

      If this runs properly then you will be able to access your site from the server static ip.

      if it does not then you need check the flags in the above command.

      After this add it to you cron jobs.

      <--------------->

      I run the above in my machine when I want a client to take a look at local CP or some thing which is temporary.

      If I want to do the same with strangers or over the phone I just use

      https://serveo.net

      or

      ngrok

      but it is very reliable for what it is in both the solutions.

      if you wanna do the same thing on windows just use a client like bitvise and setup the tunnels instead of Autossh.

      Thanked by 1receivedthanks

      Make your choice on your own But i can help you to make them right.

    • Thanks Guys for all the information. I think I have all the information I need to start implement this. Appreciate it.

      Thanked by 1ITLabs
    • @RemoteControl said:
      I have several reverse-VPN's setup on Android phones to allow me to use their 4G connection as a remote/local reverse proxy via IP-over-DNS. iodine is incredibly easy to setup (even more so than OpenVPN-server).

      Follow these instructions for setup https://jmpesp.me/dns-tunnelling-with-iodine/

      Does Iodine work for you on Android 9? Tried the official app on F-Droid, but always failed to connect :(

    • @simonindia said:
      I just setup the ssh reverse tunnel using autossh when I need a temp solution.

      If the server you have is Linux its very straight forward. Just have a server with static ip and key based ssh auth ready and open the required ports on your firewall in your case its 443, 80.

      Then in you local server try logging into the server using the following command.

      autossh -M 29001 -f -N -R 443:localhost:443 -R 80:localhost:80 [email protected]<server IP>

      If this runs properly then you will be able to access your site from the server static ip.

      if it does not then you need check the flags in the above command.

      After this add it to you cron jobs.

      <--------------->

      I run the above in my machine when I want a client to take a look at local CP or some thing which is temporary.

      If I want to do the same with strangers or over the phone I just use

      https://serveo.net

      or

      ngrok

      but it is very reliable for what it is in both the solutions.

      if you wanna do the same thing on windows just use a client like bitvise and setup the tunnels instead of Autossh.

      ssh forwarding. I just remember that.
      alternative solution

    Sign In or Register to comment.