Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Is reverse VPN possible?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Is reverse VPN possible?

I want to forward specific port (443,80) to my local server. Is it possible?

TL dr, my domain > my VPN ip > my pc (connected to VPN)

Thanked by 1receivedthanks

Comments

  • sibapersibaper Member
    edited October 2019

    yeah, I do that to access my dynamic ip at home.

    just a simple iptables forwarding

  • Question is unclear. Sounds like HAProxy.

    Thanked by 1receivedthanks
  • Yes, it is possible. Of course, you should set up the proxy (nginx, haproxy, etc) in your VPN server.

    Thanked by 1receivedthanks
  • hwthwt Member

    you might be interested in something like https://ngrok.com

    Thanked by 1receivedthanks
  • FrankZFrankZ Veteran
    edited October 2019

    You can do this a couple of different ways...
    As some have suggested above, you can use a reverse proxy if all you wish to do is have a fixed IP for your domain, if you do not have a fixed IP at home. This will probably give you the best performance, with the least setup and maintenance issues.

    As you asked the question, I am going to assume that you already have a tunnel between your VPS and your home server. If this is correct you would need to add IPtable rules to your "nat" table on the VPS as @sibaper suggested. Something like:

    -A PREROUTING -p tcp -m tcp -d <your VPS IP> --dport 80 -j DNAT --to-destination <Your VPN IP at the home server>:80
    -A POSTROUTING -s <Your VPN IP at the home server> -j SNAT --to <your VPS IP>
    

    And to the forward table something like:

        -A FORWARD -i <VPN Interface Name (ie: vpn1)> -j ACCEPT
        -A FORWARD -o <VPN Interface Name> -j ACCEPT
    

    You would also need to add a routing table (or change the default route) to/on your home server so as to have the home server send traffic back through the tunnel.

    Edit: Added forward table.

  • iirc someone mentioned tinc for these kind of stuff before.
    e.g. if you get 10.10.10.1 for your VPS and 10.10.10.2 for your home, just set NGiNX to proxy to 10.10.10.2

  • yokowasisyokowasis Member
    edited October 2019

    I don't really know what is the right term for this case.

    Basically I connect my home pc to my open VPN server. And then I want to forward some port from my vps to my pc, e.g. 80, 443. So when people open my vps ip from the browser, it will be forwarded to my local pc.

    Thanked by 1receivedthanks
  • @hwt said:
    you might be interested in something like https://ngrok.com

    Yes. This is what I am looking for. Any way to make this possible trough self hosted? What's is the term of this? haProxy (I don't even know what is this)?

    Thanked by 1receivedthanks
  • @yokowasis said:
    I don't really know what is the right term for this case.

    Basically I connect my home pc to my open VPN server. And then I want to forward some port from my vps to my pc, e.g. 80, 443. So when people open my vps ip from the browser, it will be forwarded to my local pc.

    I haven't done this myself, but in theory you can set up a tinc VPN (think of this as some kind of router. It should make a LAN network between your VM and your home PC). Then, you can just use nginx proxy_pass to http://your-home-pc-tinc-ip

  • Hey, It seems I have right tutorial what you want to achive.
    it's mine, so it is used Indonesia language
    https://blackhiden.blogspot.com/search?q=openvpn
    just scroll down (or maybe you're interested with other tutorial).

    Thanked by 1receivedthanks
  • @blackhiden said:
    Hey, It seems I have right tutorial what you want to achive.
    it's mine, so it is used Indonesia language
    https://blackhiden.blogspot.com/search?q=openvpn
    just scroll down (or maybe you're interested with other tutorial).

    https://blackhiden.blogspot.com/2017/12/port-forwarding-ke-arah-openvpn-client.html

    Thanked by 1receivedthanks
  • @blackhiden said:
    Hey, It seems I have right tutorial what you want to achive.
    it's mine, so it is used Indonesia language
    https://blackhiden.blogspot.com/search?q=openvpn
    just scroll down (or maybe you're interested with other tutorial).

    Thanks. Appreciate it. Probably what I am looking for.

    Thanked by 1receivedthanks
  • Very possible using tinc :)

    I'm using a vps as tinc server, and pc connected as tinc client. So when someone open a domain as explorer.domain.com -- internal tinc ip which is a pc with port.

    I used to run a cryptocurrency blockcain explorer from my pc or from virtualbox. Search for tutorial "tinc" on my blog

  • yokowasis said: Yes. This is what I am looking for. Any way to make this possible trough self hosted? What's is the term of this? haProxy (I don't even know what is this)?

    While ngrock cannot be self hosted, I'm using this one.

    https://github.com/localtunnel/localtunnel

    Also, this has some limited-free version.

    http://serveo.net/#self-host

    Thanked by 1receivedthanks
  • JanevskiJanevski Member
    edited October 2019

    It is potassible.

    Establish layer 2 vpn connection, in any direction you can, assign networks and route traffic whichever way you want.

    Thanked by 1receivedthanks
  • I have several reverse-VPN's setup on Android phones to allow me to use their 4G connection as a remote/local reverse proxy via IP-over-DNS. iodine is incredibly easy to setup (even more so than OpenVPN-server).

    Follow these instructions for setup https://jmpesp.me/dns-tunnelling-with-iodine/

    Thanked by 1receivedthanks
  • I just setup the ssh reverse tunnel using autossh when I need a temp solution.

    If the server you have is Linux its very straight forward. Just have a server with static ip and key based ssh auth ready and open the required ports on your firewall in your case its 443, 80.

    Then in you local server try logging into the server using the following command.

    autossh -M 29001 -f -N -R 443:localhost:443 -R 80:localhost:80 root@<server IP>

    If this runs properly then you will be able to access your site from the server static ip.

    if it does not then you need check the flags in the above command.

    After this add it to you cron jobs.

    <--------------->

    I run the above in my machine when I want a client to take a look at local CP or some thing which is temporary.

    If I want to do the same with strangers or over the phone I just use

    https://serveo.net

    or

    ngrok

    but it is very reliable for what it is in both the solutions.

    if you wanna do the same thing on windows just use a client like bitvise and setup the tunnels instead of Autossh.

    Thanked by 1receivedthanks
  • Thanks Guys for all the information. I think I have all the information I need to start implement this. Appreciate it.

    Thanked by 1ITLabs
  • @RemoteControl said:
    I have several reverse-VPN's setup on Android phones to allow me to use their 4G connection as a remote/local reverse proxy via IP-over-DNS. iodine is incredibly easy to setup (even more so than OpenVPN-server).

    Follow these instructions for setup https://jmpesp.me/dns-tunnelling-with-iodine/

    Does Iodine work for you on Android 9? Tried the official app on F-Droid, but always failed to connect :(

  • @simonindia said:
    I just setup the ssh reverse tunnel using autossh when I need a temp solution.

    If the server you have is Linux its very straight forward. Just have a server with static ip and key based ssh auth ready and open the required ports on your firewall in your case its 443, 80.

    Then in you local server try logging into the server using the following command.

    autossh -M 29001 -f -N -R 443:localhost:443 -R 80:localhost:80 root@<server IP>

    If this runs properly then you will be able to access your site from the server static ip.

    if it does not then you need check the flags in the above command.

    After this add it to you cron jobs.

    <--------------->

    I run the above in my machine when I want a client to take a look at local CP or some thing which is temporary.

    If I want to do the same with strangers or over the phone I just use

    https://serveo.net

    or

    ngrok

    but it is very reliable for what it is in both the solutions.

    if you wanna do the same thing on windows just use a client like bitvise and setup the tunnels instead of Autossh.

    ssh forwarding. I just remember that.
    alternative solution

Sign In or Register to comment.