NAT VPS - Stupid Question!

Hi,
I have just purchased my first NAT VPS. I am trying to set up some level of iptables firewall; I suspect I am doing something really stupid... I guess the first question is, is it even possible? Whenever I turn on the IPv6 firewall I lose connection to my VPS (SSH and IPv6 HTTPS). I have tried ufw too (with the same result). Is netfilter available in the kernel? If not, what should I be doing to secure my VPS?

Secondly (and this is a silly question), are my IPv4 NAT ports NATed straight through by the provider, i.e. port IPv4:10818 -> NATIP:10818?

Thanks!

Comments

  • AnthonySmith (Member, Patron Provider)

    michaels said: Secondly (and this is a silly question), are my IPv4 NAT ports NATed straight through by the provider, i.e. port IPv4:10818 -> NATIP:10818?

    Yep.

    michaels said: is it even possible? Whenever I turn on the IPv6 firewall I lose connection to my VPS (SSH and IPv6 HTTPS)

    Yup.

  • michaels said: Secondly (and this is a silly question), are my IPv4 NAT ports NATed straight through by the provider, i.e. port IPv4:10818 -> NATIP:10818?

    Since you're asking the second question, you should keep in mind that your SSH port is indeed translated, so that your ssh daemon listens on port 22. Configure your firewall rules accordingly.

  • AnthonySmith (Member, Patron Provider)

    Felt bad giving a short answer, here you go:

    You will need to make sure you allow those ports to be open in your IPv6 firewall, otherwise the default action is to block them.

    IPv4-wise, yes, the node external IP is what you use, for example:

    I want ip 1.2.3.4(node IP) port 4321 and your VPS is 5.6.7.8

    1.2.3.4 gets the connection on port 4321. It then says, "hey, I have an iptables rule for that port", and looks at the rule, which tells it to forward any traffic on port 4321 to your NAT IP 5.6.7.8.

    Your VPS is not aware that the host node has that rule, it just gets the traffic.

    Hope that makes sense.
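
A ruleset generator for the point made in the reply above, as an added example that is not part of the thread: with a default-DROP policy, every listening port has to be allowed explicitly, on IPv6 as well as IPv4, and the rules match the port as it arrives at the VPS. The function name `gen_rules`, the conntrack and ICMPv6 rules, and the sample ports are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Emits an iptables-restore /
# ip6tables-restore ruleset: default DROP on INPUT, with the listening
# ports allowed explicitly.
# Usage: gen_rules <4|6> <tcp-port>...

gen_rules() {
    family=$1; shift
    case "$family" in
        4|6) ;;
        *) echo "family must be 4 or 6" >&2; return 2 ;;
    esac
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections the VPS opened itself (assumes the container
    # kernel provides the conntrack match).
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    if [ "$family" = 6 ]; then
        # IPv6 neighbour discovery and path-MTU signalling use ICMPv6, so it
        # is allowed rather than left to the default DROP.
        echo '-A INPUT -p ipv6-icmp -j ACCEPT'
    fi
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*) echo "skipping invalid port: $port" >&2; continue ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "skipping out-of-range port: $port" >&2; continue
        fi
        echo "-A INPUT -p tcp -m tcp --dport $port -j ACCEPT"
    done
    echo 'COMMIT'
}

# Constructed sample values: 22 and 443 are the SSH and HTTPS services from
# the question; 10818 stands for a forwarded IPv4 port that reaches the VPS
# unchanged, while SSH arrives on 22 as the second reply describes.
gen_rules 6 22 443
gen_rules 4 22 10818
```

Pipe each ruleset into `ip6tables-restore --test` or `iptables-restore --test` (as root) to parse it without committing before loading it for real.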

  • michaels (Member)
    edited February 2018

    Thanks! The first answer was enough, I just wanted to make sure I wasn't going mad!

    Yeah all makes sense. I'll see what's going on with my iptables and ip6tables rules then :/
