Port forwarding

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
BartKindt
OpenVpn Newbie
Posts: 1
Joined: Mon Apr 25, 2022 9:59 pm

Port forwarding

Post by BartKindt » Mon Apr 25, 2022 10:09 pm

I have searched around, but still cannot get it to work.
I need to forward certain ports on the Server to the Client via the tunnel.

The OpenVPN is installed on a public Linux server.

In the Web interface of the OpenVPN Server, I set the User Permissions, Set Static IP Address.
Then try to set "Using Routing" but not sure what Network I am supposed to enter here. I set it to the Client side LAN network, which is probably wrong.

Then I set up the DMZ settings like: (Example)
120.138.123.123:tcp/12345

Where the 120.138.123.123 is the public Internet IP address of my Linux Server.

When I try to connect from the Internet to 120.138.123.123/12345 I get a 'Connection Refused' error.

When I look at the "iptable -L" I do not see any Port options. I assumed that the DMZ setup would have done this??

Also: There is no /etc/openvpn directory. I saw comments that I have to add files there?

Thanks, Bart

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Port forwarding

Post by openvpn_inc » Tue Apr 26, 2022 12:58 pm

Hello,

With DMZ Setting you can forward a port on an IP on the Access Server to the connected VPN client. If you get connection refused error, then these are the possible causes;

- You applied the settings but didn't 'update running servers' so that the changes are actually taking effect. To solve this afterwards, run /usr/local/openvpn_as/scripts/sacli start to do a warm restart of services.
- This VPN client is not connected.
- There is a firewall somewhere blocking access to that port.
- The VPN client is not running a service on the port specified.
- Some other unforeseen reason blocking access to this port.

If your Access Server has IP 120.138.123.123 and you want to forward TCP port 12345 then doing this entry in DMZ function is correct:
120.138.123.123:tcp/12345

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply