I am struggling with this. I tried 2 different ways: the first way was with UFW, the 2nd way was with iptables. After using the grep command, the server is listening on port 1194 for UDP. My problem is that when my client device tries to connect via the VPN to my VPS server, it stops whilst trying to connect. I think it's associated with the routing tables; I couldn't really find the correct info in relation to setting up the OpenVPN server. If I didn't set any iptables, the OpenVPN works fine. I only require 1 port to be open, which is 44158. So I'd like my client to connect to the OpenVPN server via the remote VPS server and to forward all inbound and outbound traffic to port 44158.
The commands I used were:
iptables -t nat -I PREROUTING -p udp --dport 1194 -j REDIRECT --to-port 44158
iptables -I INPUT -p udp --dport 44158 -j ACCEPT
Adding the above caused the OpenVPN server to stop whilst the client was trying to connect. If I reverted back to the default setting it worked, but obviously port 44158 is closed.
I couldn't figure out what to configure on the OpenVPN server; is it all done by iptables? I have some basic experience with servers but I've never tried to port forward before or open ports. I'm using Road Warrior OpenVPN, which was very easy to set up, although it doesn't seem to be the full version. The VPS server is running Ubuntu 18.04 LTS, fully updated. Any help or advice would be much appreciated.
Here are the iptables rules that I have added.
Some of these may not be required but I'm trying all sorts:
iptables -I FORWARD 1 -d 10.8.0.2 -p tcp --dport 44158 -j ACCEPT
iptables -t nat -A POSTROUTING -m conntrack --ctstate DNAT -d 10.8.0.2 -p tcp --dport 44158 -j SNAT --to-source 10.8.0.1
iptables -t nat -A PREROUTING -d (vps.server.ip) -p tcp --dport 44158 -j DNAT --to-dest 10.8.0.2:44158
iptables -t nat -A POSTROUTING -d 10.8.0.2 -p tcp --dport 44158 -j SNAT --to-source 10.8.0.1
iptables -I FORWARD 1 -d 10.8.0.2 -p udp --dport 44158 -j ACCEPT
iptables -t nat -A POSTROUTING -m conntrack --ctstate DNAT -d 10.8.0.2 -p udp --dport 44158 -j SNAT --to-source 10.8.0.1
iptables -t nat -A PREROUTING -d (vps.server.ip) -p udp --dport 44158 -j DNAT --to-dest 10.8.0.2:44158
iptables -t nat -A POSTROUTING -d 10.8.0.2 -p udp --dport 44158 -j SNAT --to-source 10.8.0.1
iptables -A OUTPUT -p tcp --dport 44158 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --dport 44158 -m state --state NEW,ESTABLISHED -j ACCEPT
I've also enabled port forwarding: sysctl net.ipv4.ip_forward=1
I'm testing this on my laptop, which has OpenVPN client software installed. The IP of the laptop assigned by OpenVPN is 10.8.0.2.
My goal is to connect a Helium miner to the VPN, which requires 44158 to be open via the VPN tunnel to "gossip" to other Helium miners on the Helium network. It can be done but it isn't straightforward; I've followed numerous guides which haven't worked.
The LAN IP address of the laptop on my network is 192.168.0.3.
I am now pretty confident working with iptables; if I need to remove any I can do so to suit.
Any advice would be gratefully appreciated. Thank you.
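
An added example, not part of the original post: a REDIRECT on udp/1194 hands the OpenVPN handshake to local port 44158, where OpenVPN is not listening, so the sketch below leaves 1194 alone, DNATs only 44158 to the client, and includes a check that flags any nat rule rewriting the VPN's own port. It only prints commands and applies nothing. Assumptions: the tunnel interface is tun0, 203.0.113.10 is a documentation placeholder for the VPS address, and the client routes its replies back through the tunnel (otherwise an SNAT rule like the ones in the post is also needed).

```bash
#!/bin/sh
# Added example: prints iptables commands for review; nothing is applied.
VPN_PORT=1194      # OpenVPN listen port (from the post)
FWD_PORT=44158     # port to expose through the tunnel (from the post)
CLIENT=10.8.0.2    # VPN address of the client (from the post)
WAN_IF=eth0        # public interface (eth0 appears in the post)
TUN_IF=tun0        # assumption: name of the OpenVPN tunnel interface

# Print the rule set that forwards FWD_PORT on public IP $1 to the VPN client.
forward_rules() {
  # The VPN's own port is accepted locally and never rewritten.
  echo "iptables -A INPUT -i $WAN_IF -p udp --dport $VPN_PORT -j ACCEPT"
  # Replies belonging to forwarded connections are allowed back out.
  echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  for proto in tcp udp; do
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $1 -p $proto --dport $FWD_PORT -j DNAT --to-destination $CLIENT:$FWD_PORT"
    echo "iptables -A FORWARD -i $WAN_IF -o $TUN_IF -d $CLIENT -p $proto --dport $FWD_PORT -j ACCEPT"
  done
}

# Read iptables commands on stdin and report any nat rule that rewrites the
# VPN's own listen port. Returns 1 if such a rule is found, 0 otherwise.
hijacks_vpn_port() {
  found=0
  while IFS= read -r line; do
    case " $line " in
      *" -t nat "*"--dport $VPN_PORT "*"-j REDIRECT "*) hit=1 ;;
      *" -t nat "*"--dport $VPN_PORT "*"-j DNAT "*) hit=1 ;;
      *) hit=0 ;;
    esac
    if [ "$hit" -eq 1 ]; then
      echo "rewrites VPN port $VPN_PORT: $line"
      found=1
    fi
  done
  return "$found"
}

# Constructed run: print the rule set for the placeholder address.
forward_rules 203.0.113.10
# The first rule from the post, checked against the VPN port (it is flagged).
echo "iptables -t nat -I PREROUTING -p udp --dport 1194 -j REDIRECT --to-port 44158" \
  | hijacks_vpn_port || true
```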