I've been trying for the past 3 hours to forward the 443 port from my client to the 20443 port on my server (CentOS 7 on OpenVZ), so I can access it on https://myserver:20443.
I have OpenVPN Access installed and this is the client config on it:
I use this script to forward.
$1 = Client port (here 443)
$2 = Outside port (here 20443)
172.28.224.30 = Private client (fixed ip)
Code:
#!/bin/bash
iptables -A FORWARD -i eth0 -p tcp --dport $2 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport $2 -j DNAT --to-destination 172.28.224.30:$1 #command
iptables -A FORWARD -i tun0 -p tcp --dport $1 -j ACCEPT
iptables -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport $1 -j DNAT --to-destination 172.28.224.30:$1 #command
iptables -t nat -A PREROUTING -p tcp -d EXTERNAL_IP --dport $2 -j DNAT --to-destination 172.28.224.30:$1
iptables -A FORWARD -p tcp -d 172.28.224.30 --dport $1 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp -i eth0 -d 172.28.224.30 --dport $2 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d EXTERNAL_IP --dport $2 -j DNAT --to-destination 172.28.224.30:$1
When I try to access it, I get an ERR_CONNECTION_TIMED_OUT (not a CONNECTION_REFUSED). So I think the port 20443 is accepted, but doesn't redirect to 172.28.224.30:443 :/
Is there something I'm doing wrong?
Thanks in advance !