iptables port forwarding from pptp ppp0 to another ip in eth0 internal network

alshahad · June 2015

Hello,

I have setup pptp client in Centos and it is connected, the ip is 10.5.6.5, which this part is totally works.

I have eth0 that have this ip 192.168.0.2, I want to forward the TCP port (3389) from ppp0 to eth0 , which will be to another ip in the same internal network of eth0: 192.168.0.5:3389

I have tested many solution over the internet, none of them gets work. May some body help me in this?

The whole story: 10.5.6.5 (ppp0) >>> forward port 3389 >>> to another ip in eth0 (192.168.0.5:3389)

Thanks.

sc754 · June 2015

iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 3389 -j DNAT --to 192.168.0.5:3389

Edit: I think...

alshahad · June 2015

Thanks @sc754, but this also not works

sc754 · June 2015

@alshahad said:
Thanks sc754, but this also not works

Maybe change -i ppp0 to -i eth0, where's the connection coming into? -i should be the interface the connection is coming from.

alshahad · June 2015

@sc754, Yes, already has been tested but it is not works. I do not know what exact the issue.

sc754 · June 2015

#!/bin/sh

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -F
iptables -t nat -F
iptables -X

iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389
iptables -t nat -A POSTROUTING -p tcp -d 192.168.0.5 --dport 3389 -j SNAT --to-source 10.5.6.5

Try the above as a script, might work.

alshahad · June 2015

Not worked also , rules it shows in the server but browser not works.

If it will be simple to redirect all connections from all interfaces (port 80) to 192.168.0.5:80 that would be fine.

Abdulla

sc754 · June 2015

Maybe try to ping your eth0 ip 192.168.0.2 (also try 192.168.0.5) once you are connected to the vpn server from your vpn client machine.

I assume you want VPN Client > VPN Server > local ip on VPN Server machine = 192.168.0.5 ?

alshahad · June 2015

No, actually it is the opposite. as it will be

VPN Server > VPN Client > local ip on VPN client = 192.168.0.5

And from VPN client:

[root@server2 ~]# ping 192.168.0.5 PING 192.168.0.5 (192.168.0.5) 56(84) bytes of data. 64 bytes from 192.168.0.5: icmp_seq=1 ttl=64 time=0.234 ms 64 bytes from 192.168.0.5: icmp_seq=2 ttl=64 time=0.171 ms ^C --- 192.168.0.5 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1606ms rtt min/avg/max/mdev = 0.171/0.202/0.234/0.034 ms

Hope this would help?

sc754 · June 2015

Ok so the vpn server machine has what network interface that faces the internet? Is it eth0 on that machine?

I think you'll need a rule to send from eth0 (whatever internet facing interface) to VPN client ip. Then on the vpn client machine you'll need a rule to forward from VPN client ip to local ip 192.168.0.5

alshahad · June 2015

Finally got this works. I did not notice that ppp0 was ppp2

Thank you very much @sc754

sc754 · June 2015

@alshahad said:
Finally got this works. I did not notice that ppp0 was ppp2

Thank you very much sc754

What did you use, incase anyone else faces a similar problem?

alshahad · June 2015

Hi,

Simply:

-A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.5:3389

And it works perfectly.

Howdy, Stranger!

Categories

In this Discussion

iptables port forwarding from pptp ppp0 to another ip in eth0 internal network

Comments

Thanks @sc754

Howdy, Stranger!

Quick Links

Categories

In this Discussion

iptables port forwarding from pptp ppp0 to another ip in eth0 internal network

Comments

Thanks @sc754