Routing incoming WAN traffic to another server via OpenVPN tunnel
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Tue Sep 12, 2017 8:34 am
Routing incoming WAN traffic to another server via OpenVPN tunnel
I live in a country where static IPs are prohibitively expensive on domestic connections. My solution has been to set up a server on a small VPS in a datacentre and utilise the IP that comes with that VPS. . .What I can't figure out is how to route the incoming traffic at that VPS to my connection at home, where I have a small VoIP server. To be clear, I will point voip.example.com to the VPS public IP, and I need to then forward all that traffic over the VPN tunnel I set up to the VoIP server at home (voip.example.com updates with DDNS). The VPS is the OpenVPN client. I just can't figure this out how to make this work, I'd sure appreciate some hints.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Tue Sep 12, 2017 8:34 am
Re: Routing incoming WAN traffic to another server via OpenVPN tunnel
OK I've been at it for a few days and figured I need DNAT of some kind. So, I pointed vpn.example.com at my VPS public IP 111.222.333.444
This VPS is OpenVPN client connected to remote VPN server at home. I'm now trying to make VPN client route WAN traffic to VPN server and then onto VoIP server.
I've tried the following DNAT on the VPS. . .
*nat
: PREROUTING ACCEPT [0:0]
: POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p udp --dport 1194 -j DNAT --to-destination 10.57.0.1
-A POSTROUTING -s 10.57.0.0/22 -o tun0 -j MASQUERADE
COMMIT
However I just can't make this work.
To add a little clarity. . .
VoIP Server 192.168.1.253
VPN Server 192.168.1.254 with internal network 10.57.0.0/22
VPN client is on a VPS at WAN IP 111.222.333.444
Need VoIP clients to dial into VPN server via the VPS public IP. I've tried all kind of messing around with DNAT but it just won't work. IP forwarding is enabled on all machines. Routes are set up properly and I can ping from VPS to VPN and VoIP servers, both ways.
Please help me {cute kitten face, big eyes}
This VPS is OpenVPN client connected to remote VPN server at home. I'm now trying to make VPN client route WAN traffic to VPN server and then onto VoIP server.
I've tried the following DNAT on the VPS. . .
*nat
: PREROUTING ACCEPT [0:0]
: POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p udp --dport 1194 -j DNAT --to-destination 10.57.0.1
-A POSTROUTING -s 10.57.0.0/22 -o tun0 -j MASQUERADE
COMMIT
However I just can't make this work.
To add a little clarity. . .
VoIP Server 192.168.1.253
VPN Server 192.168.1.254 with internal network 10.57.0.0/22
VPN client is on a VPS at WAN IP 111.222.333.444
Need VoIP clients to dial into VPN server via the VPS public IP. I've tried all kind of messing around with DNAT but it just won't work. IP forwarding is enabled on all machines. Routes are set up properly and I can ping from VPS to VPN and VoIP servers, both ways.
Please help me {cute kitten face, big eyes}