iptables port forwarding from pptp ppp0 to another ip in eth0 internal network

alshahad Member

Hello,

I have set up a pptp client in CentOS and it is connected; the IP is 10.5.6.5, and this part totally works.

I have eth0, which has the IP 192.168.0.2. I want to forward TCP port 3389 from ppp0 to eth0, that is, to another IP in the same internal network as eth0: 192.168.0.5:3389

I have tested many solutions from the internet; none of them work. Could somebody help me with this?

The whole story: 10.5.6.5 (ppp0) >>> forward port 3389 >>> to another ip in eth0 (192.168.0.5:3389)

Thanks.

Comments

  • sc754 Member

    iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 3389 -j DNAT --to 192.168.0.5:3389

    Edit: I think...

  • Thanks @sc754, but this also does not work :(

  • sc754 Member

    @alshahad said:
    Thanks sc754, but this also does not work :(

    Maybe change -i ppp0 to -i eth0, where's the connection coming into? -i should be the interface the connection is coming from.

  • @sc754, yes, that has already been tested but it does not work. I do not know exactly what the issue is.

  • sc754 Member
    edited June 2015
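    #!/bin/sh
    
    # Enable IPv4 forwarding in the kernel
    echo 1 > /proc/sys/net/ipv4/ip_forward
    
    # Flush all filter and nat rules and delete user-defined chains
    # (this also removes any firewall rules already in place)
    iptables -F
    iptables -t nat -F
    iptables -X
    
    # Redirect incoming TCP 3389 to the internal host
    iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389
    # Rewrite the source address of the forwarded packets to 10.5.6.5
    iptables -t nat -A POSTROUTING -p tcp -d 192.168.0.5 --dport 3389 -j SNAT --to-source 10.5.6.5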
    

    Try the above as a script, might work.

  • That did not work either :( The rules show up on the server but the browser does not work.

    If it would be simple to redirect all connections from all interfaces (port 80) to 192.168.0.5:80, that would be fine.

    Abdulla

  • sc754 Member
    edited June 2015

    Maybe try to ping your eth0 ip 192.168.0.2 (also try 192.168.0.5) once you are connected to the vpn server from your vpn client machine.

    I assume you want VPN Client > VPN Server > local ip on VPN Server machine = 192.168.0.5 ?

  • No, actually it is the opposite, as it will be:

    VPN Server > VPN Client > local ip on VPN client = 192.168.0.5

    And from VPN client:

    [root@server2 ~]# ping 192.168.0.5
    PING 192.168.0.5 (192.168.0.5) 56(84) bytes of data.
    64 bytes from 192.168.0.5: icmp_seq=1 ttl=64 time=0.234 ms
    64 bytes from 192.168.0.5: icmp_seq=2 ttl=64 time=0.171 ms
    ^C
    --- 192.168.0.5 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1606ms
    rtt min/avg/max/mdev = 0.171/0.202/0.234/0.034 ms

    Hope this would help?

  • sc754 Member

    Ok so the vpn server machine has what network interface that faces the internet? Is it eth0 on that machine?

    I think you'll need a rule to send from eth0 (whatever internet facing interface) to VPN client ip. Then on the vpn client machine you'll need a rule to forward from VPN client ip to local ip 192.168.0.5

  • Finally got this working. I did not notice that ppp0 was ppp2 :D

    Thank you very much @sc754

  • sc754 Member

    @alshahad said:
    Finally got this working. I did not notice that ppp0 was ppp2 :D

    Thank you very much sc754

    What did you use, in case anyone else faces a similar problem?

  • alshahad Member
    edited June 2015

    Hi,

    Simply:

    -A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389

    And it works perfectly.

    Thanks @sc754

    Thanked by 1 sc754
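
An added example (not part of the thread): both outcomes in this discussion can be read off `iptables-save` output, namely a DNAT rule bound to `ppp0` while the tunnel was really `ppp2`, and a final rule with no `-i`, which applies to TCP 3389 arriving on every interface. The `audit_dnat` function and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. The sample rules below are constructed.

# audit_dnat IFACE...
# Reads iptables-save text on stdin; the arguments are the interface names
# that exist on the host. Prints one finding per DNAT rule in the nat table.
audit_dnat() {
    awk -v ifaces="$*" '
    # True if pat (an -i value; a trailing "+" is a prefix wildcard)
    # matches at least one existing interface name.
    function exists(pat,    k, pre) {
        pre = pat
        sub(/\+$/, "", pre)
        for (k = 1; k <= n; k++)
            if (have[k] == pat || (pre != pat && index(have[k], pre) == 1))
                return 1
        return 0
    }
    BEGIN { n = split(ifaces, have, " ") }
    /^\*/ { table = substr($0, 2) }      # table header: *nat, *filter, ...
    table == "nat" && $1 == "-A" && / -j DNAT( |$)/ {
        iface = ""
        for (k = 1; k < NF; k++)
            if ($k == "-i") iface = $(k + 1)
        if (iface == "")
            print "ANY-INTERFACE: " $0                 # applies on every interface
        else if (!exists(iface))
            print "MISSING-INTERFACE(" iface "): " $0  # rule can never match
        else
            print "OK(" iface "): " $0
    }'
}

# Constructed sample in iptables-save format.
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389
-A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389
-A PREROUTING -i ppp+ -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389
COMMIT
EOF
}

# The host in this sample has lo, eth0 and ppp2 (no ppp0).
sample_rules | audit_dnat lo eth0 ppp2
```

On a live host the same check would be `iptables-save -t nat | audit_dnat $(ls /sys/class/net)`.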