[SOLVED] Trouble Establishing Inbound Connections to qBittorrent over OpenVPN

Post by ipkpjersi » Sun Jun 11, 2023 12:59 am

Hi everyone,

I'm trying to establish a private torrenting setup using qBittorrent on my local whitebox server machine using Ubuntu 22.04 called seedbox-server and a Virtual Private Server (VPS) as a VPN using Ubuntu 22.04 and OpenVPN (I used https://github.com/Nyr/openvpn-install) called openvpn-server. My local machine, acting as a private tracker seedbox, has qbittorrent-nox (https://github.com/userdocs/qbittorrent ... 5.3_v2.0.9) installed and configured to use port 15986 for inbound connections with tun0 as the network interface. My goal is to have all torrenting traffic from my seedbox go through my VPS, mostly for privacy reasons.

I've successfully set up a VPN connection between my seedbox and VPS using OpenVPN, and all traffic seems to flow fine through the VPN tunnel for regular tasks - or at least, curl ifconfig.me returns the public IP of my OpenVPN VPS server (5x.xx.xx.xx) on my seedbox while connected to the VPN. However, I've encountered a problem where my seedbox's qBittorrent service is unable to have working inbound connections over the VPN: the port appears closed, and private tracker connection tests say things like "the client on 5x.xx.xx.xx:15986 appears to be not connectable due to: Connection timed out".

Despite seeing traffic on port 15986 (which indicates qBittorrent should be operational) on the seedbox via sudo tcpdump -i any port 15986, I can't seem to connect to the VPN IP 10.8.0.2 on that port via telnet 10.8.0.2 15986 from my OpenVPN server VPS and can't connect to the public OpenVPN server VPS IP (5x.xx.xx.xx) on port 15986. Also, traceroute -p 15986 10.8.0.1 on my seedbox returns 10.8.0.2, and vice versa with traceroute -p 15986 10.8.0.2 on my VPS/VPN server returning 10.0.8.2 - ping also works in both directions too.

My current issue lies in troubleshooting why I can't connect to the qBittorrent service on my seedbox through the VPN. It's unclear whether the problem stems from qBittorrent's configuration, the way my VPN routes traffic, or potential interference from other services or network hardware.

Here is my setup:

seedbox-server (client) VPN IP: 10.8.0.2

openvpn-server (server) VPN IP: 10.8.0.1

seedbox-server.ovpn (IP redacted):

    client
    dev tun
    proto udp
    remote 5x.xx.xx.xx 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    remote-cert-tls server
    auth SHA512
    cipher AES-256-CBC
    ignore-unknown-option block-outside-dns
    verb 3


openvpn-server /etc/openvpn/server/server.conf (IPs redacted):

    local 5x.xx.xx.xx
    port 1194
    proto udp
    dev tun
    ca ca.crt
    cert server.crt
    key server.key
    dh dh.pem
    auth SHA512
    tls-crypt tc.key
    topology subnet
    server 10.8.0.0 255.255.255.0
    push "redirect-gateway def1 bypass-dhcp"
    ifconfig-pool-persist ipp.txt
    push "dhcp-option DNS 2xx.xx.xx.xx"
    push "block-outside-dns"
    keepalive 10 120
    cipher AES-256-CBC
    user nobody
    group nogroup
    persist-key
    persist-tun
    verb 3
    crl-verify crl.pem
    explicit-exit-notify


openvpn-server ip route (IPs redacted):

    default via 5x.xx.xx.1 dev ens3 proto dhcp src 5x.xx.xx.xx metric 100
    10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
    5x.xx.xx.1 dev ens3 proto dhcp scope link src 5x.xx.xx.xx metric 100
    2xx.xx.xx.xx via 5x.xx.xx.1 dev ens3 proto dhcp src 5x.xx.xx.xx metric 100

seedbox-server ip route (IPs redacted):

    0.0.0.0/1 via 10.8.0.1 dev tun0
    default via 192.168.x.1 dev ens6f0 proto static
    default via 192.168.x.1 dev ens6f0 proto dhcp src 192.168.x.xx metric 100
    10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
    5x.xx.xx.xx via 192.168.x.1 dev ens6f0
    128.0.0.0/1 via 10.8.0.1 dev tun0
    192.168.x.0/24 dev ens6f0 proto kernel scope link src 192.168.x.xx
    192.168.x.1 dev ens6f0 proto dhcp scope link src 192.168.x.xx metric 100

openvpn-server iptables: https://gist.github.com/ipkpjersi/04fb7 ... 59a82a8819

openvpn-server nat iptables: https://gist.github.com/ipkpjersi/febb2 ... 226d094790

seedbox-server iptables: https://gist.github.com/ipkpjersi/f38df ... ee780b742d

seedbox-server nat iptables: https://gist.github.com/ipkpjersi/e5021 ... 06795dec9a

UFW is disabled on both servers. Please let me know if any more details are needed.

I would love any help or advice with this. Thank you for taking the time to read this, I really do appreciate it more than words can express.

UPDATE: I have fixed my networking issue. The issue was that I had an unnecessary iptables postrouting rule. I removed the postrouting rule, and the port forwarding is now working perfectly.
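
An added example, not part of the original post (whose iptables gists are not reproduced on this page): a Python check that parses `iptables-save` output from the VPS, confirms that a DNAT rule forwards port 15986 to 10.8.0.2, and lists every nat POSTROUTING rule other than the VPN-subnet source NAT for manual review. The sample ruleset, the placeholder address 203.0.113.10, the helper names and the "expected baseline" are assumptions; the post does not say which rule was removed.

```python
import shlex

# Constructed sample of `iptables-save` output (not from the post); 203.0.113.10 is a placeholder IP.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i ens3 -p tcp -m tcp --dport 15986 -j DNAT --to-destination 10.8.0.2:15986
-A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 203.0.113.10
-A POSTROUTING -o ens3 -p tcp -m tcp --dport 15986 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -d 10.8.0.2/32 -p tcp -m tcp --dport 15986 -j ACCEPT
COMMIT
"""

def parse_nat(text):
    """Return {chain: [token lists]} for the -A rules of the nat table only."""
    chains, in_nat = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):
            in_nat = line == "*nat"
        elif in_nat and line.startswith("-A "):
            tokens = shlex.split(line)
            chains.setdefault(tokens[1], []).append(tokens)
    return chains

def opt(tokens, name):
    """Value of option `name`; None if absent or negated with '!'."""
    i = tokens.index(name) if name in tokens else -1
    return None if i < 0 or tokens[i - 1] == "!" else tokens[i + 1]

def audit(text, port, client_ip, vpn_net):
    """Return (dnat_present, postrouting_rules_to_review)."""
    chains = parse_nat(text)
    dnat = any(
        opt(r, "-j") == "DNAT" and opt(r, "--dport") == str(port)
        and (opt(r, "--to-destination") or "").split(":")[0] == client_ip
        for r in chains.get("PREROUTING", []))
    # Assumed baseline: only VPN-subnet source NAT is expected; list everything else.
    review = [" ".join(r) for r in chains.get("POSTROUTING", [])
              if not (opt(r, "-s") == vpn_net
                      and opt(r, "-j") in ("SNAT", "MASQUERADE"))]
    return dnat, review

if __name__ == "__main__":
    print(audit(SAMPLE, 15986, "10.8.0.2", "10.8.0.0/24"))
```

On a live system, pass the text of `sudo iptables-save` instead of `SAMPLE`; a rule appearing in the review list is a candidate for inspection, not proof that it is the cause.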
