Port Forwarding to Client for IP Camera

[hvymetal]

I searched to to no avail so I need someone's help. My parents ISP do not allow forwarding ports. They want to setup a IP sercuity camera to use over the internet. So I setup to two tomato based router using OpenVPN tunneling. I want to use my internet connection to allow the port required by the IP camera to be access via the internet. I got OpenVPN to tunnel correctly and I can connect to the camera via my network but I could not come up with the correct IPTABLE to forward the port correctly to work over the internet.

Here is my setup
OpenVPN Server Router with ISP allowing port forwarding
192.168.10.1
10.0.0.1
Server Firewall iptables
iptables -I FORWARD -i br0 -o tun21 -j ACCEPT
iptables -I FORWARD -i tun21 -o br0 -j ACCEPT
iptables -I INPUT -i tun21 -j ACCEPT

OpenVPN Client Router with ISP not allowing port forwarding
192.168.6.1
10.0.0.2
Client Firewall iptables
iptables -I FORWARD -i br0 -o tun11 -j ACCEPT
iptables -I FORWARD -i tun11 -o br0 -j ACCEPT
iptables -I INPUT -i tun11 -j ACCEPT

IP Camera
192.168.6.106 port 8000

[Mimiko]

This is a forwarding and masquerading question. Please read this article http://www.hackorama.com/network/portfwd.shtml to understan the forwarding ports.

[hvymetal]

I tried the following below on the router with the OpenVPN server
but once added I no longer can connect 192.168.6.106:8000 and can not see it from the internet.

Code: Select all

iptables -I INPUT 2 -p tcp --dport 8000 -j ACCEPT
iptables -A FORWARD -p tcp -i br0 -d  192.168.10.1 --dport 8000 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d 192.168.6.106 --dport 8000 -j DNAT --to-destination  192.168.10.1:8000