Hello There, Guest!
View New Posts  |  View Today's Posts
Routing traffic through a tunnel... I guess

  • 0 Vote(s) - 0 Average


10-22-2014, 12:06 PM #1
Mazzn
ლ(ಠ益ಠლ)
*******
Administrators
Posts: 199 Threads:16 Joined: Sep 2013 Reputation: 19

Routing traffic through a tunnel... I guess
Oooookay, so, I've never been good with all the networking things. and while I'm leaning more and more, I'm still a bit lost when it comes to networking.

Let me explain...
I have server software I need to run on my home computer. Router is using Dual Stack Lite which means no public IPv4 address.
My clients can only connect via a IPv4 address (software restriction, no URL can be entered), refuse to set up a VPN tunnel and claim Hamachi is the root of all evil.

Now here's the deal: Thanks to my job I am now root of a server running Ubuntu 14.04. It has a public IPv4 address (no IPv6 connectivity) but not enough power to run the server software in WINE or something like it.


While there's enough ways to forward/route a port range with Linux, trying to route through a tunnel only resulted in failure, likely due to user errors.

So far I've used Hamachi (it's easy to use, don't hit me please) to open up a tunnel and iptables to set up the redirection. It worked up to the point where iptables routed the packets to... well, somewhere, but they certainly didn't reach my computer. I assume I didn't set up the right adapter to route to, but I'm completely lost right now.

I have since reset the server to default state because I had a ton of forwarding rules set up that didn't do anything except for preventing SSH from working at some point. Whoops.


Can you help me out? If you have other suggestions than Hamachi that is totally fine with me, I just used it because it's simple.
Visit me at mazzn.net & blog.mazzn.net!
//This is very important :)

Self.KeepImproving(true);


10-22-2014, 02:37 PM #2
KoBE
¯\_(ツ)_/¯
******
Global Moderators
Posts: 4,862 Threads:494 Joined: Jun 2011 Reputation: 67

RE: Routing traffic through a tunnel... I guess
Unfortunatly, I'm not very familiar with networking either :\ . Lee Stevens I know does some networking, you might send him a PM or Email and see if he's able to help out. Otherwise, I'll try some googling and see if anything stands out.

10-22-2014, 02:56 PM #3
Mazzn
ლ(ಠ益ಠლ)
*******
Administrators
Posts: 199 Threads:16 Joined: Sep 2013 Reputation: 19

RE: Routing traffic through a tunnel... I guess
Thank you, I appreciate that :) I probably just overlooked something important, quite honestly the amount of parameters on iptables confused the hell out of me, not being much of a CLI user doesn't help either.
Visit me at mazzn.net & blog.mazzn.net!
//This is very important :)

Self.KeepImproving(true);


10-25-2014, 02:31 AM #4
Florin
Junior Member
Team Reboot
Posts: 456 Threads:71 Joined: Dec 2011 Reputation: 14

RE: Routing traffic through a tunnel... I guess
I think setting an VPN would be way easier. So, to understand your configuration, what OS is running on your SERVER HOME computer and you want that when your clients enter an ip, that traffic should be routed to the Ubuntu VPS and from that to the home computer, right? And inverse path, of course.

10-27-2014, 02:35 PM #5
Mazzn
ლ(ಠ益ಠლ)
*******
Administrators
Posts: 199 Threads:16 Joined: Sep 2013 Reputation: 19

RE: Routing traffic through a tunnel... I guess
Hey, sorry, was partying over the weekend (birthday and more stuff) :P Didn't even get to touch my PC.

Home "server" is running Win 7 Pro.

Your description is correct, the user is entering the IP of the VPS, and traffic gets routed from the VPS via VPN to my home machine.
Visit me at mazzn.net & blog.mazzn.net!
//This is very important :)

Self.KeepImproving(true);


01-26-2015, 07:18 AM #6
Mazzn
ლ(ಠ益ಠლ)
*******
Administrators
Posts: 199 Threads:16 Joined: Sep 2013 Reputation: 19

RE: Routing traffic through a tunnel... I guess
A small (and late) followup:
In the end I decided to properly set up OpenVPN on the VPS, forwarding the needed ports to the connected machine. After some hiccups (server not saving the IPv4 forwarding setting, forgetting to save iptables rules...) it's been working fine for a while now!

If anyone happens to run into the same problem/idea, and lacks the iptables knowledge (just like I did), here are the rules I'm using:

Note: 217.xxx.xx.xxx is the public IP of my VPS, and 10.1.1.6 the IP assigned to the client connecting. I am forwarding TCP and UDP on ports 6123 to 6133 to the client with the IP 10.1.1.6.

Of course the ACCEPT policy is set to allow packets to be received on said ports, which should be the case by default.


Code:
iptables -t nat -A PREROUTING -d 217.xxx.xx.xxx/32 -p tcp -m tcp --dport 6123:6133 -j DNAT --to-destination 10.1.1.6
iptables -t nat -A PREROUTING -d 217.xxx.xx.xxx/32 -p udp -m udp --dport 6123:6133 -j DNAT --to-destination 10.1.1.6
iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -j SNAT --to-source 217.xxx.xx.xxx
iptables -t nat -A POSTROUTING -d 10.1.1.6/32 -p tcp -m tcp --dport 6123:6133 -j SNAT --to-source 10.1.1.1
iptables -t nat -A POSTROUTING -d 10.1.1.6/32 -p udp -m udp --dport 6123:6133 -j SNAT --to-source 10.1.1.1

This helped me a lot: http://serverfault.com/questions/557818/...vpn-server
And this simple guide on how to set up OpenVPN: http://www.webhostingtalk.com/showthread.php?t=1167872
Visit me at mazzn.net & blog.mazzn.net!
//This is very important :)

Self.KeepImproving(true);





Forum Jump:



Users browsing this thread: 1 Guest(s)