Routing incoming WAN traffic to another server via OpenVPN tunnel


Routing incoming WAN traffic to another server via OpenVPN tunnel

Post by Pat » Tue Sep 12, 2017 8:36 am

I live in a country where static IPs are prohibitively expensive on domestic connections. My solution has been to set up a server on a small VPS in a datacentre and utilise the IP that comes with that VPS... What I can't figure out is how to route the incoming traffic at that VPS to my connection at home, where I have a small VoIP server. To be clear, I will point voip.example.com to the VPS public IP, and I need to then forward all that traffic over the VPN tunnel I set up to the VoIP server at home (voip.example.com updates with DDNS). The VPS is the OpenVPN client. I just can't figure out how to make this work; I'd sure appreciate some hints.


Re: Routing incoming WAN traffic to another server via OpenVPN tunnel

Post by Pat » Mon Sep 18, 2017 6:30 am

OK, I've been at it for a few days and figured I need DNAT of some kind. So, I pointed vpn.example.com at my VPS public IP 111.222.333.444.
This VPS is an OpenVPN client connected to the remote VPN server at home. I'm now trying to make the VPN client route WAN traffic to the VPN server and then on to the VoIP server.

I've tried the following DNAT on the VPS. . .

*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]

-A PREROUTING -i eth0 -p udp --dport 1194 -j DNAT --to-destination 10.57.0.1
-A POSTROUTING -s 10.57.0.0/22 -o tun0 -j MASQUERADE
COMMIT

However I just can't make this work.

To add a little clarity. . .


VoIP Server 192.168.1.253
VPN Server 192.168.1.254 with internal network 10.57.0.0/22
VPN client is on a VPS at WAN IP 111.222.333.444
Need VoIP clients to dial into VPN server via the VPS public IP. I've tried all kinds of messing around with DNAT but it just won't work. IP forwarding is enabled on all machines. Routes are set up properly and I can ping from VPS to VPN and VoIP servers, both ways.

Please help me {cute kitten face, big eyes}
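
A small model of how the nat rules posted above treat the first packet from an outside caller, as an added example that is not part of the original posts: it parses the two posted rules and traces one constructed packet through PREROUTING and POSTROUTING, beside a comparison variant without the `-s` match. The caller address 198.51.100.7, the tunnel address 10.57.0.6, the `VPS_PUBLIC_IP` placeholder and the assumption that 10.57.0.1 is routed via tun0 are illustrative and do not come from the thread.

```python
import ipaddress
import shlex

# nat rules as posted in the thread (chain policy lines omitted)
POSTED = """
-A PREROUTING -i eth0 -p udp --dport 1194 -j DNAT --to-destination 10.57.0.1
-A POSTROUTING -s 10.57.0.0/22 -o tun0 -j MASQUERADE
"""
# Comparison variant (assumption, not from the thread): no -s match on MASQUERADE
VARIANT = POSTED.replace("-s 10.57.0.0/22 ", "")

def parse(text):
    """Parse iptables-save style '-A CHAIN opt val ...' lines into dicts."""
    rules = []
    for line in text.strip().splitlines():
        tok = shlex.split(line)
        rules.append({"chain": tok[1], **dict(zip(tok[2::2], tok[3::2]))})
    return rules

def matches(rule, pkt):
    """Evaluate only the match options that appear on this page."""
    for opt, field in {"-i": "in", "-o": "out", "-p": "proto", "--dport": "dport"}.items():
        if opt in rule and rule[opt] != str(pkt.get(field)):
            return False
    if "-s" in rule:
        return ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule["-s"])
    return True

def traverse(rules, pkt, tun_addr):
    """Walk the first packet of a flow through PREROUTING, routing, POSTROUTING."""
    pkt, hits = dict(pkt), []
    for chain in ("PREROUTING", "POSTROUTING"):
        if chain == "POSTROUTING":
            pkt["out"] = "tun0"  # assumption: the DNAT target is routed via tun0
        for rule in rules:
            if rule["chain"] == chain and matches(rule, pkt):
                if rule["-j"] == "DNAT":
                    pkt["dst"] = rule["--to-destination"]  # IP-only form, as posted
                elif rule["-j"] == "MASQUERADE":
                    pkt["src"] = tun_addr  # source becomes the outgoing interface address
                hits.append(f"{chain}:{rule['-j']}")
                break  # first matching nat rule in a chain wins
    return pkt, hits

# Constructed sample: an Internet caller (documentation-range address) hitting the VPS
CLIENT_PKT = {"in": "eth0", "proto": "udp", "src": "198.51.100.7",
              "dst": "VPS_PUBLIC_IP", "dport": 1194}
TUN_ADDR = "10.57.0.6"  # assumption: the VPS's own tunnel address

if __name__ == "__main__":
    for name, text in (("posted", POSTED), ("variant", VARIANT)):
        out, hits = traverse(parse(text), CLIENT_PKT, TUN_ADDR)
        print(f"{name:8} {hits} -> src={out['src']} dst={out['dst']}")
```

With the posted rules the packet enters the tunnel still carrying the caller's address, so a reply only comes back through the VPS if the home side routes that address into the VPN. With the variant the reply returns to the VPS, but the home servers then log every caller as the tunnel address.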
