Hi All,
For a couple of months, I have used my VPS as an OpenVPN server and it works well on all my clients. Yesterday, I changed my config to allow clients to reach my home LAN (using ccd and iroute).
Now, I would like to redirect a port on my VPS to my home server through the VPN. My VPS and my home gateway both run FreeBSD. Here is a schema:
This is my config on my VPS:
Code:
nat on vtnet0 inet from 192.168.253.0/24 to any -> (vtnet0) round-robin
rdr pass inet proto tcp from 192.168.253.0/24 to 1.2.3.4 port = domain -> 127.0.0.1 port 53
rdr pass inet proto udp from 192.168.253.0/24 to 1.2.3.4 port = domain -> 127.0.0.1 port 53
block drop all
block drop in quick from <abusive_ips> to any
pass out on vtnet0 proto tcp all flags S/SA modulate state
pass out on vtnet0 proto udp all keep state
pass out on vtnet0 proto icmp all keep state
pass in on vtnet0 proto tcp from any to (vtnet0) port = ssh flags S/SA keep state
pass in on vtnet0 proto udp from any to (vtnet0) port = openvpn keep state
pass in on tun0 inet from 192.168.253.0/24 to any flags S/SA keep state
And on my Home GW:
Code:
nat on tun0 inet from 192.168.1.0/24 to any -> (tun0) round-robin
rdr pass on fxp0 inet proto tcp from 192.168.1.0/24 to ! 192.168.1.254 port = domain -> 127.0.0.1 port 53
rdr pass on fxp0 inet proto udp from 192.168.1.0/24 to ! 192.168.1.254 port = domain -> 127.0.0.1 port 53
rdr pass on fxp0 inet proto tcp from 192.168.1.0/24 to any port = http -> 127.0.0.1 port 3129
block drop all
block drop in quick from <abusive_ips> to any
pass inet proto icmp all icmp-type echoreq keep state
pass in on xl0 reply-to (xl0 xx.xx.xx.xx) inet proto tcp from any to xx.xx.xx.xx port = ssh flags S/SA keep state (source-track rule, max-src-conn 100, max-src-conn-rate 15/5, overload <abusive_ips> flush global, src.track 5)
pass on fxp0 inet proto tcp from 192.168.1.0/24 to any flags S/SA keep state
pass on fxp0 inet proto udp from 192.168.1.0/24 to any keep state
pass on fxp0 inet proto icmp from 192.168.1.0/24 to any keep state
pass on fxp0 inet proto tcp from 192.168.253.0/24 to any flags S/SA keep state
pass on fxp0 inet proto udp from 192.168.253.0/24 to any keep state
pass on fxp0 inet proto icmp from 192.168.253.0/24 to any keep state
pass on tun0 inet proto tcp all flags S/SA keep state
pass on tun0 inet proto udp all keep state
pass on tun0 inet proto icmp all keep state
pass out on xl0 proto tcp all flags S/SA modulate state
pass out on xl0 proto udp all keep state
pass out on xl0 proto icmp all keep state
I've tried something like this, but it doesn't work:
VPS:
Code:
rdr pass on vtnet0 inet proto tcp from any to (vtnet0) port 1234 -> 192.168.253.2
Home GW:
Code:
rdr pass on tun0 inet proto tcp from any to 192.168.253.2 -> 192.168.1.1 port 22
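I can't find a problem like this on the Internet. I'm sure it's possible, but I'm missing something...
Can you help me?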